this post was submitted on 10 Dec 2024
140 points (97.3% liked)

Selfhosted

40708 readers
405 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

So, I've been trying to accomplish this for a while. First I posted asking for help getting started, then I posted about trying to open ports on my router. Now, I proudly post about being able to show the world (for the first time ever) my abysmal lack of css and html skills.

I would like to thank everyone in this community, specially to those who took the time to answer my n00b questions. If you'd like to see it, it will be available at: https://kazuchijou.com/

(Beware however, for you might cringe into oblivion and back.)

Since this website is hosted on my desktop computer, there will be some down-time here and then, however I'll leave it on for the next 48 hours (rip electricity bill) only for you guys to see. <3


Now, there are a couple of things that need addressing:

I set it up as a cloudflare tunnel and linked it to my domain. However, I still don't know any docker at all (despite using it for the tunnel), and the process was too incredibly and stupidly easy. I don't think I learned as much as I expected and I didn't feel challenged at all.

The original idea was to do some port forwarding. (This was foolish and a bit of a waste of time). Despite getting a "public-ip-address" from my ISP, I still was unable to open ports successfully. I kept getting the same error again and again. If you'd like to read my original post about port forwarding you may follow this link: "[Solved] ((lie)) Noob stuck on port-forwarding wile trying to host own raw-html website. Pls help".

While I know doing this represents a security risk, I still wanted to at least have a small success with port forwarding. I just wanted to have the raw-internet-connection experience, you know? like, the basics and such. And Cloudflare is holding my hand way too hard, I want to feel like I can shoot myself in the foot (without actually doing so)

But to be honest, I'm quite happy with the outcome. There are many other avenues I'd like to explore in the future, like setting up a reverse proxy with nginx or even darknet hosting (as sugested by another commentor).

I hope to keep learning and some day help another poor soul like myself in a similar situation. I thank you again guys, you're the best.

[TL;DR] This is the best and most helpful community ever! thx <3

you are viewing a single comment's thread
view the rest of the comments
[–] possiblylinux127@lemmy.zip 1 points 1 week ago (1 children)

Then why did you expose it to the internet?

[–] Evotech@lemmy.world 1 points 1 week ago* (last edited 1 week ago) (1 children)

He didn't.

He exposed it to cloudflare

[–] possiblylinux127@lemmy.zip 4 points 1 week ago* (last edited 1 week ago) (1 children)

"They're the same picture"

Not that I am saying it is bad necessarily. Cloudflare does add a extra level of protection. In fact I would say that the chances of a compromise go way down. My concerned is that a lack of knowledge could lead to a compromise.

[–] KazuchijouNo@lemy.lol 1 points 1 week ago (2 children)

Thanks! I appreciate your concern.

This website is just a personal fun project, and I haven't got anything to lose if it gets compromised. On the contrary I've gained a lot so far, and I might gain even more if something bad were to happen to it.

No one can hack into the knowledge and experience I've gained so far.

If you've got any advice on security tools, good practices, etc. I'd appreciate them! I may lack the knowledge, but not the will to learn more

[–] possiblylinux127@lemmy.zip 3 points 1 week ago

The concern is that your device could start serving a different task without you knowing. It might end up being used to help mask hijacked Azure accounts for instance.

The biggest thing I can recommend is least privilege and defense in depth. You want your setup to be compartmentalized as much as possible and you should aim for minimal permissions. The idea is that even if a security hole is exploited the blast radius is limited.

You are probably fine. It is just something to keep in mind.

[–] tehn00bi@lemmy.world 2 points 1 week ago (2 children)

Yeah, I bring this up because I’ve been playing around with a similar idea of a simple html website for documenting personal projects. My site still isn’t really live, but I have it running on a vm through a cloud flare tunnel, similar to you.

[–] KazuchijouNo@lemy.lol 1 points 1 week ago

I'd love to see your website btw!

[–] KazuchijouNo@lemy.lol 1 points 1 week ago

Yeah! That's cool, I haven't had any issues so far.

Everyday I get a bunch of logs of bots trying to access files and folders that don't exist. It seems that they are targeting wordpress sites because all the files start with 'wp-' for example, some tried to access 'wp-admin/credentials', but since my site isn't wordpress I'm not worried. Besides, I'm pretty sure that I could implement some rules on the firewall or even on nginx to block access to said directories by (for example) redirecting them to a different page.