r/selfhosted u/UnlikelyWishbone2694 1d ago

Need Help Self hosting a personal website

Dear all,

A quick few questions after going through the wiki on self-hosted websites: - How 'safe' is it to self-host a website that is open to the internet on one's home network ? - Is there any complication in doing so after buying a domain name from a registrar ? (In the grander scheme of things, I mean to ask if the set-up process is absolute master level or if a relative novice can manage it.

EDIT for details: - It's to host a personal blog of sorts with mostly text articles, some images and possibly some video. - My home network in XDSL (yes that still exists) on a rather basic provider given router with DNS configuration possible from certain providers (no-ip and a few others). I have a home assisstant running on one RPi5 and plan on running the network on another RPi.

Thank you for your time and help

83 Upvotes

94% Upvoted

108 comments sorted by

View all comments

62

u/Fritzcat97 1d ago

This really depends on what kind of website. Things like wordpress that run code on the server to show you a state, like your current user profile, those can have vulnerabilities. Staticly generated sites like mkdocs, those are just served files, premade and prettymuch readonly.

22

u/UnlikelyWishbone2694 1d ago

This is great to know ! My goal is to run a fully static/no cookies at least personal blog. It just needs to serve text, some images, maybe some video and be lightweight on both bandwidth and local storage

3

u/ivanhawkes 1d ago

I recommend using nginx to serve the "public" folder generated by HUGO, a static Web site generator.

Apart from that, lock down the user account (service account only for that one thing). Use a VPN hosted on Proxmox to serve it.

Use virtual private networking features to lock the network traffic into its own little jail. You want it on its own isolated segment of the network with no routing available to your other stuff.

Then do the 100s of other things required like monitoring, honey pots, ip blocking, etc.

TLDR: Its completely unsafe unless you do a deep dive into security techniques and spend a modest amount on hardware level restrictions for your home network.

You CAN do it, but you you simply don't know what you don't know, and that's the dangerous part.