Bitcoin Forum
May 05, 2024, 12:18:47 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Bitcoin / Development & Technical Discussion / Bitcoin Full Node Security Practices? (DevOps) on: December 09, 2019, 05:31:36 PM
I need to run several coin nodes (Bitcoin, Bitcoin Cash, Ethereum, Dash, Tether, etc.) on the cloud. These nodes will all have full transaction indexes in order to view transactions and create/verify our own. I understand each node stores its wallet if you want it to, in this case we will, as we are creating an exchange. I wanted to know from others experience, what are the best security practices to avoid transfer of funds, etc.

Currently I create the server, per default everything is blocked in our firewall so I open port 22 (with specific IP access only) for SSH and 8333 for other peers to connect. Some people suggest using Bastion Hosts and others don't (see: https://medium.com/@henriksylvesterpedersen/you-dont-need-that-bastion-host-cd1b1717a9e7) in order to make it harder to access the server. I do make sure our config file uses hashed password with provided rpcauth.py in sources. What else would you take a look at to make sure the node is as secure as possible?

OS: Debian 9 Stretch
Ports: 22 (IP-bound), 8333 (all)
bitcoind: Runs under its own user
RPC pass: Hashed
RPC allow from: Specific IP
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!