I’ll admit I’ve only really been doing all of this fun self-hosting stuff for about 4 years now but I have been learning computer since Apple II. With my local fiber internet I have a static IP address and seem to have no barriers to expose my hosted websites to the internet. I’ve never used cloudfare and can’t imagine why I would need it. Use NGINX reverse proxy manager at both home and work. Some people have to jump through all these hoops and I’m just curious to know what situations necessitate all the extra hassle.

-1 points

I’m just curious to know what situations necessitate all the extra hassle.

You want someone to summarize all the things the internet does?

I don’t think that’s going to teach you the most valuable lesson of all, and badly needed in this case… humility. All the best people I’ve worked with have been the most humble. They know how little they know.

permalink
report
reply
1 point

Some people are cautious, and some like to live dangerously and just don’t care to get hacked. If there is no need to expose publicly, why would you take the risk. If you do, you better be 99.99% sure that your setup is secure. Some people are, and a lot think they are.

permalink
report
reply
2 points

Some people are, and a lot think they are.

Highlighted for importance.

permalink
report
parent
reply
2 points

Thing is, you grew up in the pioneering age of computing, and in that time you needed to do everything yourself. This gave you a bunch of skills for free, that are hard to do today, because most of the hard stuff is automated away and snuck behind a gui and/or containers.

permalink
report
reply
1 point

You are self hosting probably open source stuff you found on GitHub. It’s probably not commercial but community based. I support opensource but they don’t have as much resources to make sure the services are fully secure. That’s one thing.

The second thing is you like tinkering but you probably haven’t researched anything about cybersecurity, it’s a full time job.

The only sliver of hope you have when opening a service online is to hide your ip and setup some access rules. You chose to not even do that.

If you hook up cloudflare tunnels, you’ll quickly notice how many bots check your ip/domain, all the freaking time.

I use their WAF rules extensively to limit access to my server to a few IPs for my family and friends.

permalink
report
reply
1 point

You use Cloudflare to proxy, or in other words, hide your IP. Anyone can hit your DNS records, grab your IP and start DDOSing or hacking on it. They also have some nice features to force security features like HSTS or WAF rules. I’d recommend looking into it, not proxying your public IP is an amateur move. As for using NGINX proxy manager, consider using standalone NGINX and writing your own configuration files. There’s a pretty big security issue with it the lead developer refuses to patch.

permalink
report
reply
1 point

Link to said security issue would be nice so we know what to look out for

permalink
report
parent
reply
1 point

Why not use the phone already in your hand to look it up? There are several multi thousand upvoted threads on this platform about it.

permalink
report
parent
reply

Homelab

!homelab@selfhosted.forum

Create post

Rules

  • Be Civil.
  • Post about your homelab, discussion of your homelab, questions you may have, or general discussion about transition your skill from the homelab to the workplace.
  • No memes or potato images.
  • We love detailed homelab builds, especially network diagrams!
  • Report any posts that you feel should be brought to our attention.
  • Please no shitposting or blogspam.
  • No Referral Linking.
  • Keep piracy discussion off of this community

Community stats

  • 9

    Monthly active users

  • 1.4K

    Posts

  • 6K

    Comments