search

Fullnode security

Hey folks! I want to break down the basics of Aptos Fullnode security, which should generally be enough for you to be confident your full node is in safety.

After you set your Fullnode you should think about safeguarding it to make Aptos network more stable and secure.

hashtag
Important preface:

*you need to follow general security rules, such as setting different complex passwords for each resource (your server provider, working session, mail and so on)

*Make sure to take care of 2FA as it is a strong defense against hacking in addition to the password.

Most of all hacks and thefts happen not because of the skill of attackers, but because you initially make weak passwords, forget about 2FA, use the same password everywhere. Please take this point seriously.

hashtag
Create user

sudo adduser molot #create complex password

hashtag
Giving permissions to new user:

sudo usermod -aG sudo molot

hashtag
To check whether new user is in a sudo group or not do the command

sudo -l -U molot

hashtag
join as new user

su molot

hashtag
Add the public key on server

circle-info

Now you will need the private key you created to work with your Fullnode in the future

hashtag
Close login and password access

Setting values:

hashtag
Turn auto updates off

Set all on 0.

hashtag
Firewall settings (ufw)

For the validator fullnode:

For the validator:

For a public fullnode:

hashtag
enable firewall

hashtag
To monitor the healthiness of your Fullnode and react instantly I recommend setting monitoring tools and care about alerts integration.

Hope someone will find this useful, thanks for reading and have a good day!

PreviousHow to move node using snapshotNextSnapshot

Last updated