Nextcloud - Security


How secure is Nextcloud?

Hardening and security guidance: https://docs.nextcloud.com/server/stable/admin_manual/installation/harden_server.html

There’s no definitive answer to your question as it depends on multiple factors. Nextcloud can be reasonably secure if you follow best practices.

It is all about the threat model. And you do not need to sit down and ‘model’.

If your situation is just one (virtual) server with some storage attached that is probably connected through internal traffic from, in your case, Linode, then you probably mostly need to start trusting Linode.

Other security is mainly: firewall, stay up to date, disable password log in, consider fail2ban. Do not enable a ton of other services you don’t use, do not host services that may not be mature (= secure). The more services, the more can be buggy, the more chance these bugs are exploited. Don’t install ‘Arch from scratch’ if you’re not 100% confident about what you do, but just use an established server distro image.

NC is ‘made for the web’. That web is not generally a safe place, but there are also no magic dragons chasing you. Just normal dragons. Normal dragons don’t magically fly through firewalls and don’t magically get root access. They need bugs or brute force passwords.

A server with just ports 443 and 80 open, and some random port for ssh that only allows key authentication does not have a large attack surface. Especially if it runs just NC.

Linode’s business model is not based on scanning its customers’ data and selling information on its users to advertising companies. So in this way, your data is safer from prying eyes compared to Google and its kin. Your data will remain private in that respect. If you are targeted by government agencies, it probably does not matter which service you use, they’ll get it and then whether you encrypted it becomes important (see Cryptomator).

Technically, once you set up NC on a Linode VPS, add the 2FA module and brute force NC addons, and protect your server using fail2ban, SSH keys and 2FA.

Depends what you mean by “safe” – you should probably try to understand what your threat model is. Safe from government surveillance? Safe from concerted attempts to break into your system? Safe from script kiddies exploiting vulnerabilities? Safe from rogue datacentre employees?

I think there are some basic things you can do:

  1. ensure your data are encrypted at rest, either by storing in a LUKS-encrypted partition (or GEOM if you’re using *BSD) or using a who does so: this protects against access to your data from the perspective of a datacentre employee (or, to a certain extent, government employee) but that depends on how you store your keys;
  2. prevent brute-forcing etc. with different NC settings as detailed in other comments;
  3. use firewall rules (or proxy rules) to ban IP addresses for bad behaviour;
  4. you could make the instance solely accessible in a private network and access it via a VPN sitting on a different machine which straddles both the public internet and the private network;
  5. keep on top of security vulnerabilities in the NC software.

There’s this site that checks your server for vulnerabilities: https://scan.nextcloud.com/
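The baseline described above (only ports 80 and 443 plus an SSH port open, and SSH limited to key authentication) can be checked on the server itself. The following is an added example, not part of the original note: it assumes the text output of `ss -tlnH` and `sshd -T`, and the sample inputs and function names are constructed for illustration.

```python
# Constructed sample of `ss -tlnH` output (listening TCP sockets), not from a real host.
SAMPLE_SS = """\
LISTEN 0 511  0.0.0.0:80      0.0.0.0:*
LISTEN 0 511  0.0.0.0:443     0.0.0.0:*
LISTEN 0 128  0.0.0.0:52222   0.0.0.0:*
LISTEN 0 128  [::]:52222      [::]:*
LISTEN 0 80   0.0.0.0:3306    0.0.0.0:*
LISTEN 0 511  127.0.0.1:6379  0.0.0.0:*
"""

# Constructed sample of `sshd -T` output (effective settings, lowercase keywords).
SAMPLE_SSHD = """\
port 52222
passwordauthentication yes
kbdinteractiveauthentication no
pubkeyauthentication yes
"""

WEB_PORTS = {80, 443}  # the only non-SSH ports the note expects to be open

def exposed_ports(ss_output):
    """Return the ports that have a listener bound to a non-loopback address."""
    ports = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")  # handles "[::]:443" as well
        addr = addr.strip("[]")
        if addr.startswith("127.") or addr == "::1":
            continue  # loopback-only services are not reachable from outside
        ports.add(int(port))
    return ports

def audit(ss_output, sshd_t_output):
    """Return a list of deviations from the 80/443 + key-only SSH baseline."""
    cfg = {}
    for line in sshd_t_output.splitlines():
        key, _, value = line.strip().partition(" ")
        cfg.setdefault(key, []).append(value)  # "port" can appear more than once
    ssh_ports = {int(p) for p in cfg.get("port", ["22"])}
    extra = exposed_ports(ss_output) - WEB_PORTS - ssh_ports
    findings = [f"unexpected listener on port {p}" for p in sorted(extra)]
    # Keyboard-interactive is checked too, since it usually means PAM passwords.
    for key in ("passwordauthentication", "kbdinteractiveauthentication"):
        if cfg.get(key, [""])[-1] == "yes":
            findings.append(f"sshd allows {key}")
    return findings
```

On a live host, pass the captured output of the two commands to `audit()`; an empty list means the host matches the baseline. A listener that looks exposed here may still be blocked by the firewall, so read the findings alongside the firewall rules.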

