I’ve been running my server without a firewall for quite some time now, I have a piped instance and snikket running on it. I’ve been meaning to get UFW on it but I’ve been too lazy to do so. Is it a necessary thing that I need to have or it’s a huge security vulnerability? I can only SSH my server from only my local network and must use a VPN if I wanna SSH in outside so I’d say my server’s pretty secure but not the furthest I could take it. Opinions please?
IMO this attitude is problematic. It encourages people (especially newbies) to think they can’t trust anything, that software is by nature unreliable. I was one of those people once.
Personally, now I understand better how these things work, there’s no way I’m wasting my time putting up multiple firewalls. The router already has a firewall. Next.
PS: Sure, people don’t like this take - you can never have enough security, right? But take account of who you’re talking to - OP didn’t understand that their server is not even on the public internet. That fact makes all the difference here.