• 1 Post
  • 18 Comments
Joined 1 year ago
cake
Cake day: June 19th, 2023

help-circle








  • I feel like, at least in this context, it’s unnecessary.

    If your in a submarine and OP tries to open the external hatch while submerged, sure call him dumb. If op leaves your baby in a scorpion pit because he thought it’d make the child gain super powers, dumb.

    If, however, OP thinks that Google is a valid metric to gage how popular something is. “I disagree with using this as a valid metric and here’s the reasons why.”

    No need to call him dumb. This post didn’t hurt or impact you personally. It’s just the original guy who called him dumb really doesn’t like google. Which is fine. Not gonna call him dumb for using duck duck go.










  • I host in the way that you describe: “service.domain.com”. I use Cloudflare, docker, and Caddy.

    I don’t remember any pit falls off the top of my head. Make sure to use HTTPS (port 443). Everything on http is basically open for everyone to see. Caddy should set that up for you automatically, tho. I recently moved to Caddy from Traefik, it’s an awesome tool.

    Oh, here’s a pitfall. One time I opened a port, #22, for ssh access to my server. I installed fail2ban on my server. One weekend I looked at my logs and found I’d banned hundreds of IP addresses. Some bot found my open port and then begun attacking the login with some kinda rainbow table. I moved the port from the ssh default to something else and never had a problem since.

    Also, and this isn’t a requirement but just useful, I set up a VLAN for my selfhosted server. It’s firewalled from my local network. That way, if someone access’ my server they don’t have access to my whole network.

    So, tldr, have fun and midigate risk where you can.