That’s an important point. I would appreciate a discussion about security very much. Maybe some more experienced pod admins could give some tips to make a diaspora pod more secure. I think another important topic is a solid backup strategy. The responsibility for the pod data increases with every user.
A diaspora pod is like an iceberg, most of the work lurks under the water :relaxed:

There is nothing special about diaspora pods, it’s the same as making every server secure. So when you know how to run/administrate a server with a webserver and a database securely, you’re ready to run a pod. There is nothing diaspora-specific, the defaults are already secure (you can disable some stuff to make it less secure, but you probably shouldn’t).

It’s the same here, the only thing the wiki says is:

You should do backups of all user data, that is the whole database and uploaded images. For the images just make copies of the public/uploads directory. Then just dump all Diaspora_ databases from your database server. A web search should get you the information you need on how to do that. Make sure to store the backups on a different server, or at least on a different hard drive.

So it only tells you where the important data is, but not how to back it up (because it’s different depending on how your setup is).

So everything you wrote about a “diaspora pod” above applies to every service running on a server. So you can ask every admin (not only podmins) how they do these topics, because there is nothing special about diaspora. And there is already a lot of information about “how to run a server” on the internet :slight_smile:
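
The wiki's backup steps quoted above (copy public/uploads, dump the database, check the result before shipping it elsewhere), as an added example that is not part of the thread or the diaspora wiki. It assumes PostgreSQL with a database named diaspora_production; `DUMP_CMD`, the function names and the timestamped directory layout are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumed names: DUMP_CMD, the
# diaspora_production database name and the timestamped directory layout.

# backup_pod POD_DIR DEST: write uploads.tar.gz, db.sql.gz and SHA256SUMS
# into DEST/<UTC timestamp>/ and print that directory.
backup_pod() (
  pod_dir=$1
  dest=$2
  # DUMP_CMD must print a complete SQL dump on stdout (PostgreSQL assumed here).
  dump_cmd=${DUMP_CMD:-pg_dump diaspora_production}
  umask 077   # dumps hold private user data, keep them owner-only
  [ -d "$pod_dir/public/uploads" ] || { echo "no public/uploads in $pod_dir" >&2; exit 1; }
  out="$dest/$(date -u +%Y%m%dT%H%M%SZ)"
  mkdir -p "$out" || exit 1
  # Dump to a file first so a failing dump is caught without relying on pipefail.
  sh -c "$dump_cmd" > "$out/db.sql" || { echo "database dump failed" >&2; rm -rf "$out"; exit 1; }
  [ -s "$out/db.sql" ] || { echo "database dump is empty" >&2; rm -rf "$out"; exit 1; }
  gzip "$out/db.sql" || exit 1
  tar -czf "$out/uploads.tar.gz" -C "$pod_dir/public" uploads || exit 1
  ( cd "$out" && sha256sum db.sql.gz uploads.tar.gz > SHA256SUMS ) || exit 1
  echo "$out"
)

# verify_backup DIR: re-check checksums and that both archives are still readable.
verify_backup() (
  cd "$1" || exit 1
  sha256sum -c SHA256SUMS >/dev/null 2>&1 || { echo "checksum mismatch in $1" >&2; exit 1; }
  gzip -t db.sql.gz && tar -tzf uploads.tar.gz >/dev/null
)
```

Copy the printed directory to a different server or disk, as the wiki asks, and run `verify_backup` on the copy so a truncated or corrupted transfer is noticed before the backup is needed.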

Thank you for the detailed answer @supertux88 - the intention of my post was to stimulate a further debate aimed at security and backup strategies in general - here in regard to diaspora pods.
You are right, you can find many sources about these topics on the internet, but some are old or the quality of content is not very good - I think people who work in the server/IT business maybe can contribute some more up-to-date tips/strategies e.g. special fail2ban rules for pods, monitoring software (Check_MK, OMD), how to identify attacks against pods etc. - things like that.