Selfhosted

60210 readers

785 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

Be civil.
No spam.
Posts are to be related to self-hosting.
Don't duplicate the full text of your blog or readme if you're providing a link.
Submission headline should match the article title.
No trolling.
Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago

MODERATORS

curbstickle@anarchist.nexus

curbstickle_lw@lemmy.world

112

Do you selfhost your own blog/website? (slrpnk.net)

submitted 2 years ago by Sunny@slrpnk.net to c/selfhosted@lemmy.world

51 comments fedilink hide all child comments

Hey there!

I'm thinking about starting a blog about privacy guides, security, self-hosting, and other shenanigans, just for my own pleasure. I have my own server running Unraid and have been looking at self-hosting Ghost as the blog platform. However, I am wondering how "safe" it is to use one's own homelab for this. If you have any experience regarding this topic, I would gladly appreciate some tips.

I understand that it's relatively cheap to get a VPS, and that is always an option, but it is always more fun to self-host on one's own bare metal! :)

you are viewing a single comment's thread
view the rest of the comments

[–] foster@lemmy.fosterhangdaan.com 17 points 2 years ago (1 children)

I self-host everything from my home network including my website. I like to keep all my data local. 😁

It's a simple setup: just a static site made with Lume, and served with Caddy. The attack surface is pretty small since it's just HTML and CSS files (no JavaScript).

[–] LunchMoneyThief@links.hackliberty.org 3 points 2 years ago (1 children)

I wonder sometimes if the advice against pointing DNS records to your own residential IP amounts to a big scare. Like you say, if it's just a static page served on an up to date and minimal web server, there's less leverage for an attacker to abuse.

I've found that ISPs too often block port 80 and 443. Did you luck out with a decent one?

[–] foster@lemmy.fosterhangdaan.com 6 points 2 years ago* (last edited 2 years ago)

I wonder sometimes if the advice against pointing DNS records to your own residential IP amounts to a big scare. Like you say, if it’s just a static page served on an up to date and minimal web server, there’s less leverage for an attacker to abuse.

That advice is a bit old-fashioned in my opinion. There are many tools nowadays that will get you a very secure setup without much effort:

Using a reverse proxy with automatic SSL certs like Caddy.
Sandboxing services with Podman.
Mitigating DoS attacks by using a WAF such as Bunkerweb.

And of course, besides all these tools, the simplest way of securing public services is to keep them updated.

I’ve found that ISPs too often block port 80 and 443. Did you luck out with a decent one?

Rogers has been my ISP for several years and have no issue receiving HTTP/S traffic. The only issue, like with most providers, is that they block port 25 (SMTP). It's the only thing keeping me from self-hosting my own email server and have to rely on a VPS.