hsdkfr734r
@hsdkfr734r@feddit.nl
- Comment on Is it practically impossible for a newcomer selfhost without using centralised services, and get DDOSed or hacked? 5 days ago:
One aspect is how interesting you are as a target. What would a possible attacker gain by getting access to your services or hosts?
The danger to get hacked, is there but you are not Microsoft, amazon or PayPal. Expect login attempts and port scans from actors who map out the internets. But I doubt someone would spend much effort to break into your hosts if you do not make it easy.
DDOS protection isn’t something a tiny self hosted instance would need (at least in my experience).
Firewall your hosts, maybe use a reverse proxy and only expose the necessary services. Use secure passwords (different for each service), add fail2ban or the like if you’re paranoid. Maybe look into MFA. Use a DMZ (yes, VLANs could be involved here). Keep your software updated so that exploits don’t work. Have backups if something breaks or gets broken.
In my experience the biggest danger to my services is my laziness. It takes steady low level effort to keep the instances updated and running. (Yes there are automated update mechanisms - unattended upgrades i.e. -, but also downwards compatibility breaking changes in the software which will require manual interactions by me.)
- Comment on Shrimps 1 month ago:
Oh wow, you’re riding the wave here.
- Comment on Shrimps 1 month ago:
That is humour shaming!
- Comment on Students’ Leaf Blower Suppressor To Hit Retail 1 month ago:
To blow leaves.
- Comment on Feel the burn 1 month ago:
Sharing is caring, George!
- Comment on blast me off, fam 1 month ago:
- Comment on kids are gowing up faster and faster 1 month ago:
But why? It’s different.
- Comment on YouTube Tests Showing Ads When You Pause a Video, Calls it ''Pause Ads'' 2 months ago:
Not anymore, you don’t!
- Comment on physick 2 months ago:
It’s a Ringle
That’s what she said (in the first place :).