[ianopolous]

We treat the server as an adversary. So everything is chunked an encrypted so the server can't see file data, filenames, file sizes, whether something is a file or dir, who has access to a file, who your friend are etc. Everything is signed so servers can't tamper with your data either.

We also use a p2p and self-authenticated protocol so it is easy to migrate servers whilst keeping your identity, friends and data.

[Semaphor]

Interesting, in selfhosted discussions, I usually hear about that as a negative (it comes up frequently in the seafile - nextcloud comparison). It makes sense, but I hadn’t heard the pro-part of the argument before.

[Erratic6576]

I used to self host Nextcloud and securing it ended up being very complicated

[Semaphor]

I selfhost it, and I have no issues.

[syeare]

How did you secure your setup?

[Semaphor]

Securing the server like any other, 2FA for nextcloud, and follow the security guidelines: https://docs.nextcloud.com/server/latest/admin_manual/instal...