- Bind to internal interfaces where possible.
- Use TLS and modern ciphers.
- Disable unused modules.
- Remove default documents and listings.
- Limit methods and directory access.
- Restrict admin/status endpoints.
- Run as a dedicated user.
- Keep Lighttpd updated.
Do you need help or support? Feel free to contact us!