Unraid Security Best Practices

Users in Unraid are used to define access credentials for Shares. In general, from Windows Network Explorer on PC or Finder on Mac, when you click on a particular share, your PC or Mac will prompt you for the username/password to access that share. For username, you must enter the name of a User you have created on the Unraid side, along with the corresponding password. Once that is done, you will be granted access to the share. Whether you are prompted for credentials or not depends on several settings:

Generally, once you have entered the credentials once, you will not be prompted again unless something changes, e.g., password change on the Unraid side.

Finally, in the case of Windows, if you create a username on the Unraid side which exactly matches your Windows username, and the passwords also match, Windows will not prompt you to enter credentials.

Keep Your Server Up to Date

An unfortunate reality in this day and age is ever constant security vulnerabilities and corresponding security updates. We are vigilant in quickly releasing updates for any and all security vulnerabilities found and we routinely release bug fixes and new features to make Unraid more efficient, stable, and robust. With this in mind, we always recommend you keep your server up to date!

Along with keeping your OS up to date, keep all plugins, apps, containers, and all other computers on your network up to date with security patches!

Configuring Update Notifications can be done in Settings→Notification Settings.

Other Best Practices

• Set up and use WireGuard, OpenVPN or nginxProxyManager for secure remote access to your Shares. For WireGuard set up, see this handy getting started guide.

• Set up 2FA on your Unraid Forum Account.

• Set up a Remote Syslog Server.

• Install the Fix Common Problems plugin. Installing this plugin will alert you to multiple failed login attempts and much, much more.

• Change your modem password to something other than the default.

• Consider installing ClamAV.

Note: This is not an exhaustive list. Let us know what we missed in the forums!

Other Best Practices

• Set up and use WireGuard, OpenVPN or nginxProxyManager for secure remote access to your Shares. For WireGuard set up, see this handy getting started guide.

• Set up 2FA on your Unraid Forum Account.

• Set up a Remote Syslog Server.

• Install the Fic will alert you to multiple failed login attempts and much, much more.

• Change your modem password to something other than the default.

• Consider installing ClamAV.

Note: This is not an exhaustive list. Let us know what we missed in the forums!