this post was submitted on 19 Oct 2023
2 points (100.0% liked)

Self-Hosted Main

502 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
communick@selfhosted.forum
2
how safe i am? (alien.top)
submitted 11 months ago by pastelstocking@alien.top to c/main@selfhosted.forum
22 comments fedilink hide all child comments
 

I’ve migrated from cloudflare pages to cloudflare tunnels as I wanted to do a little bit more.

I can’t segregate my network as my ISPs router is rather limited, which means no vLANs. Connecting another router would introduce a double nat as they don't allow bridging. So I'm running my website basically "raw" in a hyperV virtual machine. the website is semi-static and made out of flatfiles, therefore it's is quite impossible to login into it. as stated before i’m using cloudflare tunnels to expose a nginx server to the interner. what are the chances someone or something (bot) inflataring my network? 100% safety is not possible but how safe am i?

you are viewing a single comment's thread
view the rest of the comments
[–] parnelli99@alien.top 1 points 11 months ago (1 children)

Run your hosting inside a docker container. If someone were to hack you they, in theory, would only have access to whatever is in that container and not your entire server. Someone with more expertise please feel free to correct me if I'm wrong. I am not an expert in this, just offering what I (think I) know.

[–] amizzo@alien.top 1 points 11 months ago

Exactly. Even if they make it into your network (which would be somewhat unlikely already, since CF obfuscates your home IP), as long as you don't run your docker containers in "privileged" mode (or give the containers RW access to important directories on your server), you'd be fine except for the most end-of-world scenarios.