What are current best security practices for custom servers?
It’s been a while since I’ve done any low-level network programming, and I was thinking about doing a hobby project to keep my hand in. What safety/security precautions should I take before punching a firewall hole from the Internet at large to a custom-written TCP server? Is the obscurity of an unadvertised server running an undicumented protocol enough protection, or is there something else that should be done?
"best practices for a hobby project" seems an oxymoron. Particularly in terms of security where everything is a tradeoff between air-gapping and honeypots. Or to put it another way, what are the goals and what do you want to avoid?
I would recommend to not use an unsafe programming language such as C or C++.