this post was submitted on 26 Feb 2024
79 points (97.6% liked)

Selfhosted

40359 readers
335 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I think of myself as technically inclined. I have installed Linux multiple times and have basic command line knowledge, and I've programmed in many languages, with the most experience making a static website game using HTML/CSS/JS.

Additionally, I own the superspruce.org domain (my registrar is Dynadot), but I don't really know how to wield the power of owning a domain. I also have some spare computers to be used for hosting, a 2009 laptop running Lubuntu and a 3900X+32GB RAM desktop other running KDE Neon, but I'm also open to experimenting with cloud hosting too (I know, sacrilege here).

However, I don't know much about the TCP/IP protocol or other networking protocols. I'm happy to learn, but the curve would need to start gently.

I would want to try hosting my websites, and also a personal non-federated Lemmy instance to serve as a archivable forum for my games. Even if it's not very useful, it's great experience.

you are viewing a single comment's thread
view the rest of the comments
[–] Fisch@lemmy.ml 1 points 9 months ago (3 children)

I actually use a dynamic IP and it works pretty well for me, I don't remember having any issues because of that. Also, what happened after those two weeks to your server and how? I've been running my things for over 3 years and I haven't done anything special in terms of security.

[–] Shdwdrgn@mander.xyz 1 points 9 months ago (2 children)

This was back in '99 and I didn't know much about linux (or servers) at the time, so I'm not exactly sure what they did... but one morning I woke up and noticed my web service wasn't working. I had an active login on the terminal but was just getting garbage from it, and I couldn't log in remotely at all. My guess was that someone hacked in, but hacked the system so badly that they basically trashed it. I was able to recover a little data straight from the drive but I didn't know anything about analyzing the damage to figure out what happened. so I finally ended up wiping the drive and starting over.

At that point I did a sped-run of learning how to set up a firewall, and noticed right away all kinds of attempts to hit my IP. It took time to learn more about IDS and trying not to be too wreckless in setting up my web pages, but apparently it was enough to thwart however that first attacker got in. Eventually I moved to a dedicated firewall in front of multiple servers.

Since then I've had a couple instances where someone cracked a user password and started sending spam through, but fail2ban stopped that. And boy are there a LOT of attempts at trying to get into the servers. I should probably bump up fail2ban to block IPs faster and over a longer period when they use invalid user names since attacks these days happen from such a wider range of IPs.

[–] Fisch@lemmy.ml 1 points 9 months ago* (last edited 9 months ago) (1 children)

Interesting. I guess security wasn't that good by default back then, firewalls are now set up by default on pretty much every server distro.

[–] Shdwdrgn@mander.xyz 1 points 9 months ago

There was no such thing as a default firewall, but even now when I set up a new Debian machine there are no firewall rules, just the base iptables installed so you CAN add rules. Back then we also had insecure things like telnet installed by default and exposed to the world, so there's really no telling exactly how they managed to get into my machine. It's still good to learn about network security up front rather than relying on any default settings if someone is planning on self-hosting.