Forest
Follow

@seedlingattempt@kolektiva.social

Good question. It may depend. I have been self-hosting for many years, and I have always used my home IP address to do so. I've never ran into any problems with it.

I would summarize it with different risk categories.

1. ingress vulnerability risk

The risk that the server you put onto the public network is vulnerable to an ez-to-execute attack which would allow a remote attacker to run code on your server and take it over.

2. accidental exposure

The risk that you accidentally publish something you didn't mean to publish, like your private documents.

3. privacy/self-doxxing risks

If you operate your public site via your home IP address like I do, obviously anyone who knows about the existence of your site also knows your home IP address and may be able to execute a DOS attack against you (pay a small time criminal to have 1000s of compromised computers attempt to connect to your house, thus clogging/disabling your home internet connection)

Also, typically in order to host a web site, you have to have a domain name. The contracts for domain name registration require you to put your personally identifying information on file with the registrar in association with the domain name. This personally identifiable information may or may not be published (its almost always not published) but it is definitely on file.

If you wish to address #1, all you have to do is use common configurations of well known and up-to-date open source software and you should be fine.

If you wish to address #2 , just be sure to understand what the software you install is doing, be careful what you publish, if you implement any sort of security in front of your private content, then try to attack your own site a bit to make sure its not trivially vulnerable.

If you wish to address #3, you may either host your website via TOR or another anonymity network, or you may use a hosting oriented VPN/reverse tunnel provider like Greenhouse. You may also set up your own VPN with a cloud provider of your choice to act as a lightning rod.

There are probably privacy focused DNS providers as well. Or you can use Namecoin, but that won't work with anyone else's computer yet.

· · 0 · 0 · 0
Sign in to participate in the conversation
Pixietown

Small server part of the pixie.town infrastructure. Registration is closed.

Resources

Developers

What is Mastodon?

pixie.town

More…

v3.5.19 · Privacy policy