sorb/axion1337.chat-gitops
1
0
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects 1 Releases 3 Wiki Activity

[CRITICAL] Hetzner Cloud Firewall: Default-Deny Setup #4

New Issue
Closed
opened 2026-05-14 21:41:56 +00:00 by sorb · 2 comments
sorb commented 2026-05-14 21:41:56 +00:00
Owner
Copy Link

Implement Hetzner Cloud Firewall. Allow 80/443 and SSH, block everything else. Impact: Blocks 99% of background noise. Est. Time: 30 min

Implement Hetzner Cloud Firewall. Allow 80/443 and SSH, block everything else. Impact: Blocks 99% of background noise. Est. Time: 30 min
sorb added this to the aXion1337 Roadmap project 2026-05-14 21:48:02 +00:00
sorb added the
priority:critical
area:security
 labels 2026-05-14 21:49:06 +00:00
sorb commented 2026-05-14 21:50:18 +00:00
Author
Owner
Copy Link

ai slop already done

ai slop already done
sorb moved this to ready in aXion1337 Roadmap on 2026-05-14 21:55:15 +00:00
sorb commented 2026-05-15 11:47:51 +00:00
Author
Owner
Copy Link

COMPLETE (2026-05-15)

Hetzner Cloud Firewall konfiguriert:

  • SSH: Port 2248, spezifische IPs (178.25.213.70, 2a02:8108:0:2f::/64)
  • HTTP/HTTPS: Any IPv4/IPv6 (80, 443)
  • TURN/STUN: WebRTC Ports (3478, 5349, 49152-65535 UDP)
  • RTC Services: SFU + Auth Ports
  • SMTP: Port 587

Status: Optimiert über Plan (mehr Services erlaubt für Full-Stack).
Security: Default-Deny für nicht-definierte Traffic.

Fix Issue: #4

✅ **COMPLETE** (2026-05-15) Hetzner Cloud Firewall konfiguriert: - SSH: Port 2248, spezifische IPs (178.25.213.70, 2a02:8108:0:2f::/64) - HTTP/HTTPS: Any IPv4/IPv6 (80, 443) - TURN/STUN: WebRTC Ports (3478, 5349, 49152-65535 UDP) - RTC Services: SFU + Auth Ports - SMTP: Port 587 Status: Optimiert über Plan (mehr Services erlaubt für Full-Stack). Security: Default-Deny für nicht-definierte Traffic. Fix Issue: #4
sorb closed this issue 2026-05-15 11:48:08 +00:00
sorb moved this to done in aXion1337 Roadmap on 2026-05-15 12:05:16 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
area:authentik
Authentik Identity Provider
area:database
Database and backups
area:element
Element and UI
area:infrastructure
K3S and infrastructure
area:security
Security hardening
priority:critical
Critical - This week
priority:high
High - 1-2 weeks
priority:medium
Medium - ~1 month
No Label
area:security
priority:critical
Milestone
No items
No Milestone
Projects
Clear projects
No project aXion1337 Roadmap
Assignees
Clear assignees
sorb
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: sorb/axion1337.chat-gitops#4
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?