Comment

Comment on How do you all handle security and monitoring for your publicly accessible services?

Xanza@lemm.ee ⁨1⁩ ⁨week⁩ ago

You may say that’s a good practice to separate things

You’re missing the point. VPS isn’t about separating anything… I’m not even sure what you mean by that. VPS is the accepted practice here. Unquestionably. You create private services, and for security you only expose them to the least amount of people possible. You authenticate via VPS connections. You only have to maintain a single database of users to access any number of services, even tens of thousands.

OP is specifically talking about hosting local content that they want to protect. VPS is the solution here.

source

Sort:hotnew top

peregus@lemmy.world ⁨1⁩ ⁨week⁩ ago
Well…if you edit your post after someone has replied to it at least specify what’s you’ve edited and don’t pretend that the answer that somebody else has already given you wasn’t about your non edited post!
If you (my mistake) wrote VPS instead of VPN, you can’t pretend that I’ve answered about VPN!
If you can convince your family member and your friends to use a VPN to use your service, that’s good for you, and I mean it!
But saying that it’s quite impossible to do that, I think that I’m speaking for 99% of the self hoster (is this correct in English? Bah, you got me!)

source
- Xanza@lemm.ee ⁨1⁩ ⁨week⁩ ago
  The entire point of selfhost is to host private services not available to the public. By literal definition, that’s allowing only local traffic to connect to your services. It’s infinitely more secure. A VPN allows you to extend those services over the clearnet to authorized devices via virtualized networks. You don’t have to worry about messing with inbound/outbound ports, or worrying about software failure or misconfigurations accidentally exposing you to the clearnet. You don’t have to worry about DDoS, or abuse. Being attacked? Bring down your VPN and that completely shuts down your issue. Your network is completely unreachable by anyone but a local host.
  
  There’s simply no room for an argument. VPN is objectively better in all possible situations.
  
  source
  - sem@lemmy.blahaj.zone ⁨1⁩ ⁨week⁩ ago
    I didn’t know that was the entire point of self hosting. Some people want to self host things for the public, like a website or game server.
    
    There is a program called “yunohost” to simplify this process.
    
    Maybe a VPS is better for website hosting but some people want to self host.
    
    source
  - peregus@lemmy.world ⁨1⁩ ⁨week⁩ ago
    
    The entire point of selfhost is to host private services not available to the public
    Probably your entire point, a lot of self hosters self host services that family members and friends can reach most of the time without the need of a VPN. This very community is full of examples.
    
    It’s infinitely more secure
    
    I’m with you about that.
    
    There’s simply no room for an argument.
    
    As stated in the other post, I’m sorry about that, I’m here to discuss and learn, if you don’t have room for an argument, our discussion ends here.
    
    VPN is objectively better in all possible situations.
    
    Exactly! in all possible situation!!!
    
    source