Home Server Security Checklist 2026 — Free Security Reference for Windows WSL2 Home Server Owners

You set up your home server. Now make sure it stays yours.

This free one-page printable checklist covers every security step worth taking for a Windows WSL2 home server — written honestly, without fearmongering. Most home server setups on a local network are already reasonably protected by their router firewall. This checklist confirms what is already working, identifies the one critical step most guides skip entirely, and lists the optional hardening measures worth adding for extra peace of mind.

What the checklist covers:

What is already protecting you — no action needed

• Router firewall active and blocking outside access
• WSL2 sandboxed within Windows
• Local network only — no internet exposure by default

The one critical step

• SSH key pair authentication instead of password login
• Password authentication disabled

Optional hardening — recommended

• Default SSH port changed from 22
• Root login disabled
• UFW firewall configured and active
• Only required ports open

Credential security

• YouTube stream keys stored securely and rotated periodically
• Twitch stream keys stored securely and rotated periodically
• Hermes API keys stored in environment variables — never hardcoded
• Telegram bot tokens stored securely

Maintenance

• Ubuntu automatic security updates enabled
• No unnecessary services running
• Port forwarding disabled unless intentionally configured with full security setup completed first

⚠️ One rule that applies to every home server setup — never expose your server to the internet without completing the critical step and optional hardening above first.

Free download. Instant PDF. Companion resource to all Hometown Tech Solutions setup guides.