Additional Security & Node Best Practices

Quick steps to secure your node

Additional Security

This guide shows you how to take additional steps to secure your server. Each security item is enumerated below.

Please note that any ports listed in the guide are not specific to the Hop Node.

Instance Best Practices

The following are best practices when running a node.

Type Best Practice

Type	Best Practice
Networking	Assign static internal IPs to both your validator node and daily laptop/PC. This is useful in conjunction with ufw and Fail2ban's whitelisting feature. Typically, this can be configured in your router's settings. Consult your router's manual for instructions.
Power Outage	In case of power outage, you want your validator machine to restart as soon as power is available. In the BIOS settings, change the Restore on AC / Power Loss or After Power Loss setting to always on. Better yet, install an Uninterruptible Power Supply (UPS).
Clear the bash history	When pressing the up-arrow key, you can see prior commands which may contain sensitive data. To clear this, run the following: `shred -u ~/.bash_history && touch ~/.bash_history`

Networking

Assign static internal IPs to both your validator node and daily laptop/PC. This is useful in conjunction with ufw and Fail2ban's whitelisting feature. Typically, this can be configured in your router's settings. Consult your router's manual for instructions.

Power Outage

In case of power outage, you want your validator machine to restart as soon as power is available. In the BIOS settings, change the Restore on AC / Power Loss or After Power Loss setting to always on. Better yet, install an Uninterruptible Power Supply (UPS).

Clear the bash history

When pressing the up-arrow key, you can see prior commands which may contain sensitive data. To clear this, run the following:

shred -u ~/.bash_history && touch ~/.bash_history

Last updated 11 months ago