<p>I may have mentioned this before - I do run my own virtual servers for important services (basically email and my web presence). I do this mostly for historic reasons and also because I’m not a huge fan of using centralised services for all of the above. The downside is that you pretty much have to learn at least about basic security. Over the 20+ years I’ve been doing this, the Internet hasn’t exactly become a less hostile place. Anyway, Elliptic Curve Certificates, what…

<p><em>Update 2021-12-18: It looks like the rdiff-backup port has been removed from the FreeBSD ports tree, so installing it via the port is definitely not an option anymore. Also, the method described below works on FreeBSD 13.0 as well.</em></p>

<p>In <a href="https://www.lonecpluspluscoder.com/2020/01/16/building-an-openbsd-wireguard-vpn-server-part-2-unbound-dns-setup/">part 2</a>, I reconfigured my WireGuard VPN to use an Unbound DNS server on the VPN server rather than rely on a third party server I had used for the original quick and dirty configuration. It was important for me to set up a validating DNS server, which I did in that part.</p>

<p>This blog is self-hosted, together with some other services on a FreeBSD virtual server over at <a href="https://www.rootbsd.net/">RootBSD</a>. Yes, I’m one of those weirdos who hosts their own servers - even if they’re virtual - instead of just using free or buying services.</p>

<p>If you haven’t heard about the bash “shellshock” bug yet, it may be time to peek out from underneath the rock you’ve been under ;). While bash isn’t installed as standard on FreeBSD, there’s a very good chance that someone either installed it because it’s their preferred shell or because one of the ports lists it as a dependency. Either way, now would be a really good time to check if your machine has bash installed if you haven’t done so…