I just setup a minecraft server on an old laptop, but to make it acessible i needed to open up a port. Currently, these are the ufw rules i have. when my friends want to connect, i will have them find their public ip and ill whilelist only them. is this secure enough? thanks

`Status: active

To Action From


22/tcp ALLOW Anywhere Anywhere ALLOW my.pcs.local.ip`

also, minecraft is installed under a separate user, without root privlege

  • lud@lemm.ee
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 months ago

    You don’t have to host the VPN on the router. You can also host it on a separate machine or the same one that’s running the Minecraft server.

    • ricecake@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 months ago

      Oh for sure. What I meant was “check router for a built in VPN and use it if it has one, otherwise use wireguard because it’s the easiest”.

      The specific VPN doesn’t really matter so much. The built-in one would be the easiest, so checking for a solution that took a few clicks is worth it. :)

      • lud@lemm.ee
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 months ago

        Fair enough.

        But personally I would recommend trying to setup wireguard if your router doesn’t have it integrated. It’s just so much faster than OpenVPN (usually the only built in option).

        • ricecake@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          0
          ·
          2 months ago

          Yeah, it’s definitely faster, but I’m not sure it’s going to make too much of a difference for a Minecraft server.

          With setting it up being a bit annoying by hand, I’d still rank the router option higher even if it’s a worse VPN. Otherwise you risk ending up in that yak shaving situation where you’re fighting with routing tables and DNS when you wanted a Minecraft server.

          • lud@lemm.ee
            link
            fedilink
            English
            arrow-up
            0
            ·
            2 months ago

            Yeah, that’s also fair. I have a tendency to overcomplicate things like this when all I wanted was a simple service.