this post was submitted on 18 Oct 2023
1 points (100.0% liked)

Self-Hosted Main

504 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
communick@selfhosted.forum
1
Question about home server security (alien.top)
submitted 1 year ago by Overall_Painting3759@alien.top to c/main@selfhosted.forum
5 comments fedilink hide all child comments
 

Heya, I feel pretty dumb to not know much about this. I've been searching endlessly for hours, but couldn't personally find anything that answers my question, so I decided to ask you guys who actually know how these things work.

So, I have setup a Fedora Server to my old unused MacBook. It's connected to a modem via ethernet cable, and I use it to run Docker containers like FileBrowser, Yacht, Plex, Git server, etc.

The server does have internet access. But I'm wondering how much do I really need to secure my server? To my knowledge, the server shouldn't be accessible outside from my network, but I'm not really sure(?). How would I make sure that the server isn't accessible from outside my network?

I'm certain that no one will be able to connect to my network/wifi, so I wouldn't stress about people gaining access to my server if they would only be able to access to it from my local network, but I'm unsure if my server is available outside of my LAN.

I would appreciate any help!

you are viewing a single comment's thread
view the rest of the comments
[–] Eirikr70@alien.top 1 points 1 year ago

There must be a way to open ports on your modem (that is NAT forwarding). If no port is open, there is no way to gain access to your server. If a port is open, then there might be a way for an intruder to get into your network. The reality is a bit more complex (man in the middle, ...) but it would make sense only if your data is of value or if someone means you harm.