Hey y’all! First time trying to self-host something, I started with a local Nextcloud instance for me and my family to use. I just wanted to make sure that no outsiders can enter the instance (access it or its files) through a browser on another connection.
I don’t have a DNS server so we access it through its IP address. The connection is unencrypted (I don’t know if this is a problem on a local instance, but from what I’ve read, I need a local DNS server to encrypt it, as well as to be able to set a domain (?) name (I don’t really know if it’s a domain name, but I’m referring to the website name, for instance google.com). I don’t think leaving it as it is (unencrypted, no domain name, only accessible through IP) will be problematic. Could other people access the server remotely with this setting? By remotely, I mean from far away. I tried out Nextcloud’s own Security Scan and it returns:
Scan failed! The scan for the specified domain failed. Either no Nextcloud or ownCloud can be found there or you tried to scan too many servers.
I’m guessing this is a good thing for what I’m trying to achieve?
for reference, the tutorial I’ve used is this one under Linux Mint
In general, if you haven’t taken steps to expose your service to the Internet, it’s not accessible over or to the internet. Your router that connects you to the Internet should have a firewall that blocks all inbound, unsolicited requests, and you also need to do something explicit with most self hosted service to expose them, they will not announce themselves to the world.
In addition if you’re using an ipv4 network address that’s likely a private address (like 10.x.y.z, 172.x.y.z, or 192.168.x.y), which also isn’t accessible outside of your network.