Ideally, you should not be storing the wallet receiving the mining payouts on the same server that hosts your pool software.
In general, when dealing with security, you want to minimize the attack surface. Any additional software you run increases the attack surface, since any vulnerabilities in non-daemon software might allow someone to exfiltrate the wallet or to pass commands to the wallet.
Once you have the wallet on a separate, isolated server, you should follow common best practices such as not having a public RPC interface, whitelisting IPs for incoming connections, changing all default passwords, disabling password and root SSH login, and setting a strong password on the wallet itself.
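One way to check two of these items on the wallet server, as an added example that is not part of the original text: it audits the effective SSH settings printed by `sshd -T` and flags wallet RPC ports that listen on a non-loopback address in `ss -Hltn` output. The sample inputs are constructed, and the port numbers 18082 and 18083 are assumptions standing in for whatever port your wallet RPC uses.

```python
import ipaddress

# Constructed sample: effective sshd settings as printed by `sshd -T`.
SSHD_T = """\
port 22
permitrootlogin prohibit-password
passwordauthentication yes
pubkeyauthentication yes
"""

# Constructed sample: `ss -Hltn` output; 18082/18083 are assumed wallet RPC ports.
SS_LTN = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:18082 0.0.0.0:*
LISTEN 0 128 [::1]:18083 [::]:*
"""

def audit_sshd(sshd_t_output):
    """Return findings for root login and password login being enabled."""
    cfg = {}
    for line in sshd_t_output.splitlines():
        key, _, value = line.strip().partition(" ")
        cfg.setdefault(key.lower(), value.strip().lower())
    findings = []
    # Missing keys are treated as unsafe so truncated input fails closed.
    if cfg.get("permitrootlogin") != "no":
        findings.append("root ssh login not disabled")
    if cfg.get("passwordauthentication") != "no":
        findings.append("ssh password login not disabled")
    return findings

def exposed_listeners(ss_output, rpc_ports):
    """Return (address, port) for RPC ports bound to a non-loopback address."""
    exposed = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        if not port.isdigit() or int(port) not in rpc_ports:
            continue
        addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface
        try:
            loopback = ipaddress.ip_address(addr).is_loopback
        except ValueError:
            loopback = False  # "*" (all interfaces) or unparsable: report it
        if not loopback:
            exposed.append((addr, int(port)))
    return exposed

if __name__ == "__main__":
    print(audit_sshd(SSHD_T))
    print(exposed_listeners(SS_LTN, {18082, 18083}))
```

Note that `prohibit-password` is reported as a finding because it still permits root login with a key, while the advice above is to disable root login entirely.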