There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

Is it practically impossible for a newcomer selfhost without using centralised services, and get DDOSed or hacked?

I understand that people enter the world of self hosting for various reasons. I am trying to dip my toes in this ocean to try and get away from privacy-offending centralised services such as Google, Cloudflare, AWS, etc.

As I spend more time here, I realise that it is practically impossible; especially for a newcomer, to setup any any usable self hosted web service without relying on these corporate behemoths.

I wanted to have my own little static website and alongside that run Immich, but I find that without Cloudflare, Google, and AWS, I run the risk of getting DDOSed or hacked. Also, since the physical server will be hosted at my home (to avoid AWS), there is a serious risk of infecting all devices at home as well (currently reading about VLANS to avoid this).

Am I correct in thinking that avoiding these corporations is impossible (and make peace with this situation), or are there ways to circumvent these giants and still have a good experience self hosting and using web services, even as a newcomer (all without draining my pockets too much)?

Edit: I was working on a lot of misconceptions and still have a lot of learn. Thank you all for your answers.

unknowing8343 ,

Not my experience so far with my single service I’ve been running for a year. It’s making me even think of opening up even more stuff.

thirdBreakfast ,

Yeah na, put your home services in Tailscale, and for your VPS services set up the firewall for HTTP, HTTPS and SSH only, no root login, use keys, and run fail2ban to make hacking your SSH expensive. You’re a much smaller target than you think - really it’s just bots knocking on your door and they don’t have a profit motive for a DDOS.

From your description, I’d have the website on a VPS, and Immich at home behind TailScale. Job’s a goodun.

filister ,

Just changing the SSH port to non standard port would greatly reduce that risk. Disable root login and password login, use VLANs and containers whenever possible, update your services regularly and you will be mostly fine

Decronym Bot , (edited )

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

Fewer Letters More Letters
CGNAT Carrier-Grade NAT
HTTP Hypertext Transfer Protocol, the Web
HTTPS HTTP over SSL
IP Internet Protocol
NAS Network-Attached Storage
NAT Network Address Translation
NFS Network File System, a Unix-based file-sharing protocol known for performance and efficiency
Plex Brand of media server package
SSH Secure Shell for remote terminal access
SSL Secure Sockets Layer, for transparent encryption
TLS Transport Layer Security, supersedes SSL
VPN Virtual Private Network
VPS Virtual Private Server (opposed to shared hosting)
nginx Popular HTTP server

13 acronyms in this thread; the most compressed thread commented on today has 6 acronyms.

[Thread for this sub, first seen 26th Jun 2024, 10:25] [FAQ] [Full list] [Contact] [Source code]

amanda ,
@amanda@aggregatet.org avatar

Can you (or a human) expand NPM, presumably not the Node Package Manager?

LunarLoony ,
@LunarLoony@lemmy.sdf.org avatar

NPM

Nginx Proxy Manager, I assume

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • random
  • lifeLocal
  • goranko
  • All magazines
    •