Any guides on how to host at home? I’m always afraid that opening ports in my home router means taking the heavy risk of being hacked. Does using something like CloudFlare help? I am a complete beginner.

Edit: Thanks for all the great response! They are very helpful.

  • jadedctrl@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    edit-2
    1 year ago

    From what I understand, opening a port isn’t a risk in and of itself — it’s only a risk if the software using the port is insecure! So long as you use reliable software and take care to configure things properly (following through with instructions from a site like ArchWiki or the official documentation helps), you’re good.

    CloudFlare is more for DDOS protection, which you almost certainly don’t need . You could always set up DDOS protection later on, if the need ever arises.

    • Tavesta@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      1 year ago

      Every single software is insecure. Generally servers should have their own networks sperated from your private network like an DMZ.

      • Chobbes@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Not sure why this is getting downvoted… This is a reasonable take. Any piece of software exposed to the public internet is a potential attack vector. It can only increase your attack surface, and ideally you should try to trust pieces of software as little as possible and try to limit the impact it can have if it’s compromised. It’s worth considering. That doesn’t necessarily mean that everything is super high risk, but exploits can be found in pretty much anything at any given time, so it’s worth thinking about how to isolate things and worth thinking about what you’re exposing.

    • i_am_not_a_robot@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      3
      ·
      1 year ago

      Yeah, unless you’re worried about people targeting your IP specifically, using a reverse proxy service seems like more complexity without more security. Not opening ports, and especially not opening well known ports, is just superstition. It just changes where somebody connects to the service without limiting access to or securing the service.