server hardening is definitely an often overlooked aspect... that gist looks com... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

codelion 4 months ago | parent | context | favorite | on: Deploy from local to production (self-hosted)

server hardening is definitely an often overlooked aspect... that gist looks comprehensive. i'm curious, have you benchmarked the performance impact of all those security measures? it's a trade-off, right? some community members mentioned using CIS benchmarks as a starting point, then tailoring from there.

klysm 4 months ago [–]

Security performance tradeoff is hard, but I always try to keep in mind what the downside to either is. A small performance hit can definitely matter, but for most use cases a security hit will matter a lot more

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact