Selfhosted

40183 readers

533 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago

MODERATORS

ruud@lemmy.world

Loki@lemmy.world

CannaVet@lemmy.world

HybridSarcasm@lemmy.world

devve@lemmy.world

HybridSarcasm@lemmy.hybridsarcasm.xyz

Hosting securely at home (lemmy.world)

submitted 1 year ago* (last edited 1 year ago) by ThousandthStar@lemmy.world to c/selfhosted@lemmy.world

7 comments fedilink hide all child comments

Any guides on how to host at home? I'm always afraid that opening ports in my home router means taking the heavy risk of being hacked. Does using something like CloudFlare help? I am a complete beginner.

Edit: Thanks for all the great response! They are very helpful.

you are viewing a single comment's thread
view the rest of the comments

[–] midas@ymmel.nl 0 points 1 year ago* (last edited 1 year ago) (1 children)

First you've got to determine where threats can come from, then which surfaces are vulnerable and eventually the reach. In short what I mean:

SSH port (default 22) is high on the threat encounter level. Lots of bots try to scan every host they can find for an open SSH port. The risk is high because this is a doorway to your network. There's honestly no good reason to have port 22 open to your home. Get tailscale vpn. There are alternatives, I use tailscale, it's great.

When youre hosting apps, they can also be vulnerable. Keep them updated and you'll mostly be fine. There are levels of security. Super super secure is creating seperate networks for these apps so they can't access others. Bit much imo. Use non-rooted docker, enough of a sandbox.

In the end you're a small fish in a big pond, not saying you should be a cowboy but with a few decent measures you should be OK.

Tl;dr

don't open port 22
use a VPN (tailscale)
update apps
non-rooted docker

[–] iliketurtles@lemmy.world 0 points 1 year ago

What's wrong with exposing port 22? I have password authentication disabled, ssh keys only. Isn't that secure enough?