Even a Personal VPS Deserves a Threat Model

This is “just” my VPS, but:

  • it holds real data (Nextcloud, notes),
  • it hosts sensitive systems (Vault, PKI),
  • it’s reachable from the internet.

So it’s worth asking:

  • Who might want to attack this?
  • What are the most realistic paths?
  • What would actually hurt?

High-Level Threats

Examples I think about:

  • Random internet scanning:
      • script kiddies hitting SSH, HTTP, common exploits.
  • Credential leaks:
      • if my SSH keys or Vault tokens are exposed somewhere.
  • App-level vulnerabilities:
      • Nextcloud or other apps having bugs,
      • misconfigurations in proxies or containers.
  • My own mistakes:
      • locking myself out,
      • accidentally exposing internal services.

Responses in My Design

To counter this, I’m:

  • using VPN/IP filters for SSH and critical ports,
  • isolating services via Unix users and rootless Podman,
  • centralizing TLS/PKI in Vault,
  • logging aggressively (at least for myself),
  • documenting failure and recovery procedures.
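
One way to catch the "accidentally exposing internal services" mistake is to compare what is listening against what is meant to be public. The following is an added example, not code from this post: the VPN subnet, the allowed public ports and the sample `ss -H -tln` output are all constructed assumptions.

```python
import ipaddress

# Assumptions (not from the post): the VPN subnet and the ports meant to be public.
VPN_NET = ipaddress.ip_network("10.8.0.0/24")
PUBLIC_OK = {80, 443}

# Constructed sample of `ss -H -tln` output (TCP listeners, numeric, no header).
SAMPLE = """\
LISTEN 0 128    0.0.0.0:22       0.0.0.0:*
LISTEN 0 4096   127.0.0.1:8200   0.0.0.0:*
LISTEN 0 511    [::]:443         [::]:*
LISTEN 0 128    10.8.0.1:22      0.0.0.0:*
LISTEN 0 4096   *:8080           *:*
LISTEN 0 4096   127.0.0.53%lo:53 0.0.0.0:*
"""

def parse_listeners(ss_output):
    """Yield (address, port) per LISTEN line; address is None for the '*' wildcard."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface suffix
        addr = None if host == "*" else ipaddress.ip_address(host)
        yield addr, int(port)

def exposure(addr):
    """Classify a bind address by how far it reaches."""
    if addr is None or addr.is_unspecified:
        return "all-interfaces"
    if addr.is_loopback:
        return "loopback"
    if addr in VPN_NET:
        return "vpn"
    return "other"

def unexpected(ss_output):
    """Return sorted (port, scope) pairs bound beyond loopback/VPN and not in PUBLIC_OK."""
    findings = []
    for addr, port in parse_listeners(ss_output):
        scope = exposure(addr)
        if scope in ("all-interfaces", "other") and port not in PUBLIC_OK:
            findings.append((port, scope))
    return sorted(findings)

if __name__ == "__main__":
    for port, scope in unexpected(SAMPLE):
        print(f"port {port} listens on {scope} but is not in PUBLIC_OK")
```

This only inspects bind addresses, so a flagged port may still be blocked by a firewall rule; treat each finding as a prompt to confirm the filter exists.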

I don’t need a perfect, enterprise-grade threat model,
but I do need to be honest about where my weak spots are.