HFS: Secure your server

From rejetto wiki
Jump to navigation Jump to search

This article is about security for HFS users.

Many people ask: am I safe running this server software?
100% safety on the net is utopia, but we want to be reasonably safe.

HFS is considered quite safe software, no security bug is known at the moment, just ensure you are using the last version available. Moreover, HFS is open source, thus anyone is able to check for security flaws in it.

Even though it was not designed to be extremely robust, it is quite stable and has been used for months without a restart (see forum topic).

Secure your Windows

Before HFS, you should worry about your Windows system. To secure your computer follow this advice:

  • keep Windows updated with Windows Update
  • use a good and updated firewall
  • use a good and updated antivirus

If you comply with these rules, the risk may be considered very low.

What about strange logs?

If you see scary requests in the log, don't worry. They are just requests. By default HFS logs fulfilled requests, so, if no reply has been logged, the request has not been fulfilled.


HTTPS is not supported natively at the moment. Hard to say when in the future it will be. In the meanwhile you can try adding HTTPS support by using STunnel. You can read an article on our forum where the thing is discussed in details.

Useful links