Skip to content

"Wait... is any of this actually secure?"

You've been so focused on making things work that you never stopped to ask: is any of this secure?

The default OpenWrt firewall is decent, but you've been opening ports left and right for services. The WiFi is using WPA2 with a shared password that everyone knows. The firmware hasn't been updated since you first flashed it.

Time to lock the doors:

  • Firewall rules — only allow what needs to be allowed
  • WPA3 — stronger WiFi encryption where devices support it
  • Firmware updates — patch known vulnerabilities
  • Network segmentation — isolate IoT devices, guest WiFi, and management traffic
  • SSH hardening — key-based auth, disable password login

Work in Progress

This section will cover security fundamentals for community networks — not enterprise-grade paranoia, but practical steps that dramatically reduce risk.

Guide reference

For a detailed security checklist, see Guide — Security.