Security Considerations

Securing your installation is crucial, especially if you plan to make it accessible beyond your local network.

Credentials

Choose one of these methods to set secure credentials:

1. JWT key: Automatically rotated at each startup if not provided

2. JSON In the UIMod folder, edit config.json to add users manually (requires hashed creds as a json map) or use /adduser (or /changeuser in never versions)

Network Security

1. Firewall Configuration

   • Only open the necessary ports (27015, 27016 for the game server)
   • Keep the web UI port (8443) restricted to best practices
   • Consider using Windows Firewall or iptables (Linux) to restrict access

2. Reverse Proxy Setup

   • If you need remote access to the web UI, set up a reverse proxy with:
     • (Traefik - might be worth checking out!)
     • Rate limiting to prevent brute force attacks

Application Security

2. Discord Integration
   • Keep your Discord bot token secure
   • Use Discord's role-based permissions to restrict command access
   • Only give administrative command access to trusted users

Docker Security

If using Docker:

1. Container Isolation

   • Don't run containers with --privileged flag
   • Use volume mounts instead of bind mounts where possible

2. Network Configuration

   • Use Docker's network controls to limit container access

Next Steps

• Configuration - Review proper Configuration procedures
• Docker Guide - Secure containerized deployment