| 1 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 2 |
DENIED
|
moderate
|
App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
} |
|
Show voter details
|
| 3 |
DENIED
|
edit
|
App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
} |
|
Show voter details
|
| 4 |
DENIED
|
moderate
|
App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
} |
|
Show voter details
|
| 5 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 6 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
} |
|
Show voter details
|
| 7 |
DENIED
|
edit
|
App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
} |
|
Show voter details
|
| 8 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
} |
|
Show voter details
|
| 9 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 10 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
} |
|
Show voter details
|
| 11 |
DENIED
|
edit
|
App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
} |
|
Show voter details
|
| 12 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
} |
|
Show voter details
|
| 13 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 14 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4731
+user: Proxies\__CG__\App\Entity\User {#4732 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Speaking of Cloudflare, if you’re okay with not self hosting, then there’s Cloudflare Pages which is good for hosting static websites."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859248 {#4729
date: 2023-12-29 15:14:08.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4733 …}
+nested: Doctrine\ORM\PersistentCollection {#4735 …}
+votes: Doctrine\ORM\PersistentCollection {#4737 …}
+reports: Doctrine\ORM\PersistentCollection {#4739 …}
+favourites: Doctrine\ORM\PersistentCollection {#4741 …}
+notifications: Doctrine\ORM\PersistentCollection {#4743 …}
-id: 272723
-bodyTs: "'cloudflar':3,15 'good':19 'host':11,21 'okay':7 'page':16 're':6 'self':10 'speak':1 'static':22 'websit':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemm.ee/comment/7688720"
+editedAt: null
+createdAt: DateTimeImmutable @1703859248 {#4730
date: 2023-12-29 15:14:08.0 +01:00
}
} |
|
Show voter details
|
| 15 |
DENIED
|
edit
|
App\Entity\EntryComment {#4731
+user: Proxies\__CG__\App\Entity\User {#4732 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Speaking of Cloudflare, if you’re okay with not self hosting, then there’s Cloudflare Pages which is good for hosting static websites."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859248 {#4729
date: 2023-12-29 15:14:08.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4733 …}
+nested: Doctrine\ORM\PersistentCollection {#4735 …}
+votes: Doctrine\ORM\PersistentCollection {#4737 …}
+reports: Doctrine\ORM\PersistentCollection {#4739 …}
+favourites: Doctrine\ORM\PersistentCollection {#4741 …}
+notifications: Doctrine\ORM\PersistentCollection {#4743 …}
-id: 272723
-bodyTs: "'cloudflar':3,15 'good':19 'host':11,21 'okay':7 'page':16 're':6 'self':10 'speak':1 'static':22 'websit':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemm.ee/comment/7688720"
+editedAt: null
+createdAt: DateTimeImmutable @1703859248 {#4730
date: 2023-12-29 15:14:08.0 +01:00
}
} |
|
Show voter details
|
| 16 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4731
+user: Proxies\__CG__\App\Entity\User {#4732 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Speaking of Cloudflare, if you’re okay with not self hosting, then there’s Cloudflare Pages which is good for hosting static websites."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859248 {#4729
date: 2023-12-29 15:14:08.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4733 …}
+nested: Doctrine\ORM\PersistentCollection {#4735 …}
+votes: Doctrine\ORM\PersistentCollection {#4737 …}
+reports: Doctrine\ORM\PersistentCollection {#4739 …}
+favourites: Doctrine\ORM\PersistentCollection {#4741 …}
+notifications: Doctrine\ORM\PersistentCollection {#4743 …}
-id: 272723
-bodyTs: "'cloudflar':3,15 'good':19 'host':11,21 'okay':7 'page':16 're':6 'self':10 'speak':1 'static':22 'websit':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemm.ee/comment/7688720"
+editedAt: null
+createdAt: DateTimeImmutable @1703859248 {#4730
date: 2023-12-29 15:14:08.0 +01:00
}
} |
|
Show voter details
|
| 17 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 18 |
DENIED
|
moderate
|
App\Entity\EntryComment {#5003
+user: Proxies\__CG__\App\Entity\User {#5004 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4731
+user: Proxies\__CG__\App\Entity\User {#4732 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Speaking of Cloudflare, if you’re okay with not self hosting, then there’s Cloudflare Pages which is good for hosting static websites."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859248 {#4729
date: 2023-12-29 15:14:08.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4733 …}
+nested: Doctrine\ORM\PersistentCollection {#4735 …}
+votes: Doctrine\ORM\PersistentCollection {#4737 …}
+reports: Doctrine\ORM\PersistentCollection {#4739 …}
+favourites: Doctrine\ORM\PersistentCollection {#4741 …}
+notifications: Doctrine\ORM\PersistentCollection {#4743 …}
-id: 272723
-bodyTs: "'cloudflar':3,15 'good':19 'host':11,21 'okay':7 'page':16 're':6 'self':10 'speak':1 'static':22 'websit':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemm.ee/comment/7688720"
+editedAt: null
+createdAt: DateTimeImmutable @1703859248 {#4730
date: 2023-12-29 15:14:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "That’s what I’m doing! I used it to make a “blog” of all the things I had to learn to switch to Linux for my home drives and daily gaming rig. Complete with copy buttons on the code blocks so I can do a complete reformat in minutes!"
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703904064 {#5001
date: 2023-12-30 03:41:04.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
"@ducking_donuts@lemm.ee"
]
+children: Doctrine\ORM\PersistentCollection {#5005 …}
+nested: Doctrine\ORM\PersistentCollection {#5007 …}
+votes: Doctrine\ORM\PersistentCollection {#5009 …}
+reports: Doctrine\ORM\PersistentCollection {#5011 …}
+favourites: Doctrine\ORM\PersistentCollection {#5013 …}
+notifications: Doctrine\ORM\PersistentCollection {#5015 …}
-id: 272878
-bodyTs: "'block':41 'blog':13 'button':37 'code':40 'complet':34,47 'copi':36 'daili':31 'drive':29 'game':32 'home':28 'learn':21 'linux':25 'm':5 'make':11 'minut':50 'reformat':48 'rig':33 'switch':23 'thing':17 'use':8"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemm.ee/comment/7706492"
+editedAt: null
+createdAt: DateTimeImmutable @1703904064 {#5002
date: 2023-12-30 03:41:04.0 +01:00
}
} |
|
Show voter details
|
| 19 |
DENIED
|
edit
|
App\Entity\EntryComment {#5003
+user: Proxies\__CG__\App\Entity\User {#5004 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4731
+user: Proxies\__CG__\App\Entity\User {#4732 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Speaking of Cloudflare, if you’re okay with not self hosting, then there’s Cloudflare Pages which is good for hosting static websites."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859248 {#4729
date: 2023-12-29 15:14:08.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4733 …}
+nested: Doctrine\ORM\PersistentCollection {#4735 …}
+votes: Doctrine\ORM\PersistentCollection {#4737 …}
+reports: Doctrine\ORM\PersistentCollection {#4739 …}
+favourites: Doctrine\ORM\PersistentCollection {#4741 …}
+notifications: Doctrine\ORM\PersistentCollection {#4743 …}
-id: 272723
-bodyTs: "'cloudflar':3,15 'good':19 'host':11,21 'okay':7 'page':16 're':6 'self':10 'speak':1 'static':22 'websit':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemm.ee/comment/7688720"
+editedAt: null
+createdAt: DateTimeImmutable @1703859248 {#4730
date: 2023-12-29 15:14:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "That’s what I’m doing! I used it to make a “blog” of all the things I had to learn to switch to Linux for my home drives and daily gaming rig. Complete with copy buttons on the code blocks so I can do a complete reformat in minutes!"
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703904064 {#5001
date: 2023-12-30 03:41:04.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
"@ducking_donuts@lemm.ee"
]
+children: Doctrine\ORM\PersistentCollection {#5005 …}
+nested: Doctrine\ORM\PersistentCollection {#5007 …}
+votes: Doctrine\ORM\PersistentCollection {#5009 …}
+reports: Doctrine\ORM\PersistentCollection {#5011 …}
+favourites: Doctrine\ORM\PersistentCollection {#5013 …}
+notifications: Doctrine\ORM\PersistentCollection {#5015 …}
-id: 272878
-bodyTs: "'block':41 'blog':13 'button':37 'code':40 'complet':34,47 'copi':36 'daili':31 'drive':29 'game':32 'home':28 'learn':21 'linux':25 'm':5 'make':11 'minut':50 'reformat':48 'rig':33 'switch':23 'thing':17 'use':8"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemm.ee/comment/7706492"
+editedAt: null
+createdAt: DateTimeImmutable @1703904064 {#5002
date: 2023-12-30 03:41:04.0 +01:00
}
} |
|
Show voter details
|
| 20 |
DENIED
|
moderate
|
App\Entity\EntryComment {#5003
+user: Proxies\__CG__\App\Entity\User {#5004 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4731
+user: Proxies\__CG__\App\Entity\User {#4732 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Speaking of Cloudflare, if you’re okay with not self hosting, then there’s Cloudflare Pages which is good for hosting static websites."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859248 {#4729
date: 2023-12-29 15:14:08.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4733 …}
+nested: Doctrine\ORM\PersistentCollection {#4735 …}
+votes: Doctrine\ORM\PersistentCollection {#4737 …}
+reports: Doctrine\ORM\PersistentCollection {#4739 …}
+favourites: Doctrine\ORM\PersistentCollection {#4741 …}
+notifications: Doctrine\ORM\PersistentCollection {#4743 …}
-id: 272723
-bodyTs: "'cloudflar':3,15 'good':19 'host':11,21 'okay':7 'page':16 're':6 'self':10 'speak':1 'static':22 'websit':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemm.ee/comment/7688720"
+editedAt: null
+createdAt: DateTimeImmutable @1703859248 {#4730
date: 2023-12-29 15:14:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "That’s what I’m doing! I used it to make a “blog” of all the things I had to learn to switch to Linux for my home drives and daily gaming rig. Complete with copy buttons on the code blocks so I can do a complete reformat in minutes!"
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703904064 {#5001
date: 2023-12-30 03:41:04.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
"@ducking_donuts@lemm.ee"
]
+children: Doctrine\ORM\PersistentCollection {#5005 …}
+nested: Doctrine\ORM\PersistentCollection {#5007 …}
+votes: Doctrine\ORM\PersistentCollection {#5009 …}
+reports: Doctrine\ORM\PersistentCollection {#5011 …}
+favourites: Doctrine\ORM\PersistentCollection {#5013 …}
+notifications: Doctrine\ORM\PersistentCollection {#5015 …}
-id: 272878
-bodyTs: "'block':41 'blog':13 'button':37 'code':40 'complet':34,47 'copi':36 'daili':31 'drive':29 'game':32 'home':28 'learn':21 'linux':25 'm':5 'make':11 'minut':50 'reformat':48 'rig':33 'switch':23 'thing':17 'use':8"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemm.ee/comment/7706492"
+editedAt: null
+createdAt: DateTimeImmutable @1703904064 {#5002
date: 2023-12-30 03:41:04.0 +01:00
}
} |
|
Show voter details
|
| 21 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 22 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4747
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "If you have any issues or questions feel free to DM me here. I’d be happy to help out :)"
+lang: "en"
+isAdult: false
+favouriteCount: 3
+score: 0
+lastActive: DateTime @1703859289 {#4745
date: 2023-12-29 15:14:49.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4748 …}
+nested: Doctrine\ORM\PersistentCollection {#4750 …}
+votes: Doctrine\ORM\PersistentCollection {#4752 …}
+reports: Doctrine\ORM\PersistentCollection {#4754 …}
+favourites: Doctrine\ORM\PersistentCollection {#4756 …}
+notifications: Doctrine\ORM\PersistentCollection {#4758 …}
-id: 262186
-bodyTs: "'d':15 'dm':11 'feel':8 'free':9 'happi':17 'help':19 'issu':5 'question':7"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291502"
+editedAt: null
+createdAt: DateTimeImmutable @1703859289 {#4746
date: 2023-12-29 15:14:49.0 +01:00
}
} |
|
Show voter details
|
| 23 |
DENIED
|
edit
|
App\Entity\EntryComment {#4747
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "If you have any issues or questions feel free to DM me here. I’d be happy to help out :)"
+lang: "en"
+isAdult: false
+favouriteCount: 3
+score: 0
+lastActive: DateTime @1703859289 {#4745
date: 2023-12-29 15:14:49.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4748 …}
+nested: Doctrine\ORM\PersistentCollection {#4750 …}
+votes: Doctrine\ORM\PersistentCollection {#4752 …}
+reports: Doctrine\ORM\PersistentCollection {#4754 …}
+favourites: Doctrine\ORM\PersistentCollection {#4756 …}
+notifications: Doctrine\ORM\PersistentCollection {#4758 …}
-id: 262186
-bodyTs: "'d':15 'dm':11 'feel':8 'free':9 'happi':17 'help':19 'issu':5 'question':7"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291502"
+editedAt: null
+createdAt: DateTimeImmutable @1703859289 {#4746
date: 2023-12-29 15:14:49.0 +01:00
}
} |
|
Show voter details
|
| 24 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4747
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "If you have any issues or questions feel free to DM me here. I’d be happy to help out :)"
+lang: "en"
+isAdult: false
+favouriteCount: 3
+score: 0
+lastActive: DateTime @1703859289 {#4745
date: 2023-12-29 15:14:49.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4748 …}
+nested: Doctrine\ORM\PersistentCollection {#4750 …}
+votes: Doctrine\ORM\PersistentCollection {#4752 …}
+reports: Doctrine\ORM\PersistentCollection {#4754 …}
+favourites: Doctrine\ORM\PersistentCollection {#4756 …}
+notifications: Doctrine\ORM\PersistentCollection {#4758 …}
-id: 262186
-bodyTs: "'d':15 'dm':11 'feel':8 'free':9 'happi':17 'help':19 'issu':5 'question':7"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291502"
+editedAt: null
+createdAt: DateTimeImmutable @1703859289 {#4746
date: 2023-12-29 15:14:49.0 +01:00
}
} |
|
Show voter details
|
| 25 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 26 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4762
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Or take github out of the equation and directly use cloudflare pages. It has its own pros and cons, but for a simple static blog it’ll be more than enough, and takes out the CNAME hassle."
+lang: "en"
+isAdult: false
+favouriteCount: 25
+score: 0
+lastActive: DateTime @1703864590 {#4760
date: 2023-12-29 16:43:10.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4764 …}
+nested: Doctrine\ORM\PersistentCollection {#4766 …}
+votes: Doctrine\ORM\PersistentCollection {#4768 …}
+reports: Doctrine\ORM\PersistentCollection {#4770 …}
+favourites: Doctrine\ORM\PersistentCollection {#4772 …}
+notifications: Doctrine\ORM\PersistentCollection {#4774 …}
-id: 262346
-bodyTs: "'blog':25 'cloudflar':11 'cname':36 'con':19 'direct':9 'enough':31 'equat':7 'github':3 'hassl':37 'll':27 'page':12 'pros':17 'simpl':23 'static':24 'take':2,33 'use':10"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277465"
+editedAt: null
+createdAt: DateTimeImmutable @1703864590 {#4761
date: 2023-12-29 16:43:10.0 +01:00
}
} |
|
Show voter details
|
| 27 |
DENIED
|
edit
|
App\Entity\EntryComment {#4762
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Or take github out of the equation and directly use cloudflare pages. It has its own pros and cons, but for a simple static blog it’ll be more than enough, and takes out the CNAME hassle."
+lang: "en"
+isAdult: false
+favouriteCount: 25
+score: 0
+lastActive: DateTime @1703864590 {#4760
date: 2023-12-29 16:43:10.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4764 …}
+nested: Doctrine\ORM\PersistentCollection {#4766 …}
+votes: Doctrine\ORM\PersistentCollection {#4768 …}
+reports: Doctrine\ORM\PersistentCollection {#4770 …}
+favourites: Doctrine\ORM\PersistentCollection {#4772 …}
+notifications: Doctrine\ORM\PersistentCollection {#4774 …}
-id: 262346
-bodyTs: "'blog':25 'cloudflar':11 'cname':36 'con':19 'direct':9 'enough':31 'equat':7 'github':3 'hassl':37 'll':27 'page':12 'pros':17 'simpl':23 'static':24 'take':2,33 'use':10"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277465"
+editedAt: null
+createdAt: DateTimeImmutable @1703864590 {#4761
date: 2023-12-29 16:43:10.0 +01:00
}
} |
|
Show voter details
|
| 28 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4762
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Or take github out of the equation and directly use cloudflare pages. It has its own pros and cons, but for a simple static blog it’ll be more than enough, and takes out the CNAME hassle."
+lang: "en"
+isAdult: false
+favouriteCount: 25
+score: 0
+lastActive: DateTime @1703864590 {#4760
date: 2023-12-29 16:43:10.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4764 …}
+nested: Doctrine\ORM\PersistentCollection {#4766 …}
+votes: Doctrine\ORM\PersistentCollection {#4768 …}
+reports: Doctrine\ORM\PersistentCollection {#4770 …}
+favourites: Doctrine\ORM\PersistentCollection {#4772 …}
+notifications: Doctrine\ORM\PersistentCollection {#4774 …}
-id: 262346
-bodyTs: "'blog':25 'cloudflar':11 'cname':36 'con':19 'direct':9 'enough':31 'equat':7 'github':3 'hassl':37 'll':27 'page':12 'pros':17 'simpl':23 'static':24 'take':2,33 'use':10"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277465"
+editedAt: null
+createdAt: DateTimeImmutable @1703864590 {#4761
date: 2023-12-29 16:43:10.0 +01:00
}
} |
|
Show voter details
|
| 29 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 30 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4899
+user: Proxies\__CG__\App\Entity\User {#4892 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4762
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Or take github out of the equation and directly use cloudflare pages. It has its own pros and cons, but for a simple static blog it’ll be more than enough, and takes out the CNAME hassle."
+lang: "en"
+isAdult: false
+favouriteCount: 25
+score: 0
+lastActive: DateTime @1703864590 {#4760
date: 2023-12-29 16:43:10.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4764 …}
+nested: Doctrine\ORM\PersistentCollection {#4766 …}
+votes: Doctrine\ORM\PersistentCollection {#4768 …}
+reports: Doctrine\ORM\PersistentCollection {#4770 …}
+favourites: Doctrine\ORM\PersistentCollection {#4772 …}
+notifications: Doctrine\ORM\PersistentCollection {#4774 …}
-id: 262346
-bodyTs: "'blog':25 'cloudflar':11 'cname':36 'con':19 'direct':9 'enough':31 'equat':7 'github':3 'hassl':37 'll':27 'page':12 'pros':17 'simpl':23 'static':24 'take':2,33 'use':10"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277465"
+editedAt: null
+createdAt: DateTimeImmutable @1703864590 {#4761
date: 2023-12-29 16:43:10.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Came here to say this^"
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703874092 {#4900
date: 2023-12-29 19:21:32.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
]
+children: Doctrine\ORM\PersistentCollection {#4891 …}
+nested: Doctrine\ORM\PersistentCollection {#4889 …}
+votes: Doctrine\ORM\PersistentCollection {#4887 …}
+reports: Doctrine\ORM\PersistentCollection {#4902 …}
+favourites: Doctrine\ORM\PersistentCollection {#4904 …}
+notifications: Doctrine\ORM\PersistentCollection {#4906 …}
-id: 262656
-bodyTs: "'came':1 'say':4"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.ml/comment/6943565"
+editedAt: null
+createdAt: DateTimeImmutable @1703874092 {#4897
date: 2023-12-29 19:21:32.0 +01:00
}
} |
|
Show voter details
|
| 31 |
DENIED
|
edit
|
App\Entity\EntryComment {#4899
+user: Proxies\__CG__\App\Entity\User {#4892 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4762
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Or take github out of the equation and directly use cloudflare pages. It has its own pros and cons, but for a simple static blog it’ll be more than enough, and takes out the CNAME hassle."
+lang: "en"
+isAdult: false
+favouriteCount: 25
+score: 0
+lastActive: DateTime @1703864590 {#4760
date: 2023-12-29 16:43:10.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4764 …}
+nested: Doctrine\ORM\PersistentCollection {#4766 …}
+votes: Doctrine\ORM\PersistentCollection {#4768 …}
+reports: Doctrine\ORM\PersistentCollection {#4770 …}
+favourites: Doctrine\ORM\PersistentCollection {#4772 …}
+notifications: Doctrine\ORM\PersistentCollection {#4774 …}
-id: 262346
-bodyTs: "'blog':25 'cloudflar':11 'cname':36 'con':19 'direct':9 'enough':31 'equat':7 'github':3 'hassl':37 'll':27 'page':12 'pros':17 'simpl':23 'static':24 'take':2,33 'use':10"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277465"
+editedAt: null
+createdAt: DateTimeImmutable @1703864590 {#4761
date: 2023-12-29 16:43:10.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Came here to say this^"
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703874092 {#4900
date: 2023-12-29 19:21:32.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
]
+children: Doctrine\ORM\PersistentCollection {#4891 …}
+nested: Doctrine\ORM\PersistentCollection {#4889 …}
+votes: Doctrine\ORM\PersistentCollection {#4887 …}
+reports: Doctrine\ORM\PersistentCollection {#4902 …}
+favourites: Doctrine\ORM\PersistentCollection {#4904 …}
+notifications: Doctrine\ORM\PersistentCollection {#4906 …}
-id: 262656
-bodyTs: "'came':1 'say':4"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.ml/comment/6943565"
+editedAt: null
+createdAt: DateTimeImmutable @1703874092 {#4897
date: 2023-12-29 19:21:32.0 +01:00
}
} |
|
Show voter details
|
| 32 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4899
+user: Proxies\__CG__\App\Entity\User {#4892 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4762
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Or take github out of the equation and directly use cloudflare pages. It has its own pros and cons, but for a simple static blog it’ll be more than enough, and takes out the CNAME hassle."
+lang: "en"
+isAdult: false
+favouriteCount: 25
+score: 0
+lastActive: DateTime @1703864590 {#4760
date: 2023-12-29 16:43:10.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4764 …}
+nested: Doctrine\ORM\PersistentCollection {#4766 …}
+votes: Doctrine\ORM\PersistentCollection {#4768 …}
+reports: Doctrine\ORM\PersistentCollection {#4770 …}
+favourites: Doctrine\ORM\PersistentCollection {#4772 …}
+notifications: Doctrine\ORM\PersistentCollection {#4774 …}
-id: 262346
-bodyTs: "'blog':25 'cloudflar':11 'cname':36 'con':19 'direct':9 'enough':31 'equat':7 'github':3 'hassl':37 'll':27 'page':12 'pros':17 'simpl':23 'static':24 'take':2,33 'use':10"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277465"
+editedAt: null
+createdAt: DateTimeImmutable @1703864590 {#4761
date: 2023-12-29 16:43:10.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "Came here to say this^"
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703874092 {#4900
date: 2023-12-29 19:21:32.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
]
+children: Doctrine\ORM\PersistentCollection {#4891 …}
+nested: Doctrine\ORM\PersistentCollection {#4889 …}
+votes: Doctrine\ORM\PersistentCollection {#4887 …}
+reports: Doctrine\ORM\PersistentCollection {#4902 …}
+favourites: Doctrine\ORM\PersistentCollection {#4904 …}
+notifications: Doctrine\ORM\PersistentCollection {#4906 …}
-id: 262656
-bodyTs: "'came':1 'say':4"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.ml/comment/6943565"
+editedAt: null
+createdAt: DateTimeImmutable @1703874092 {#4897
date: 2023-12-29 19:21:32.0 +01:00
}
} |
|
Show voter details
|
| 33 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 34 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4778
+user: Proxies\__CG__\App\Entity\User {#4779 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "I do this via AWS amplify and it costs me a few cents a month as another option."
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703994711 {#4776
date: 2023-12-31 04:51:51.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4780 …}
+nested: Doctrine\ORM\PersistentCollection {#4782 …}
+votes: Doctrine\ORM\PersistentCollection {#4784 …}
+reports: Doctrine\ORM\PersistentCollection {#4786 …}
+favourites: Doctrine\ORM\PersistentCollection {#4788 …}
+notifications: Doctrine\ORM\PersistentCollection {#4790 …}
-id: 266586
-bodyTs: "'amplifi':6 'anoth':17 'aw':5 'cent':13 'cost':9 'month':15 'option':18 'via':4"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6314247"
+editedAt: null
+createdAt: DateTimeImmutable @1703994711 {#4777
date: 2023-12-31 04:51:51.0 +01:00
}
} |
|
Show voter details
|
| 35 |
DENIED
|
edit
|
App\Entity\EntryComment {#4778
+user: Proxies\__CG__\App\Entity\User {#4779 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "I do this via AWS amplify and it costs me a few cents a month as another option."
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703994711 {#4776
date: 2023-12-31 04:51:51.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4780 …}
+nested: Doctrine\ORM\PersistentCollection {#4782 …}
+votes: Doctrine\ORM\PersistentCollection {#4784 …}
+reports: Doctrine\ORM\PersistentCollection {#4786 …}
+favourites: Doctrine\ORM\PersistentCollection {#4788 …}
+notifications: Doctrine\ORM\PersistentCollection {#4790 …}
-id: 266586
-bodyTs: "'amplifi':6 'anoth':17 'aw':5 'cent':13 'cost':9 'month':15 'option':18 'via':4"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6314247"
+editedAt: null
+createdAt: DateTimeImmutable @1703994711 {#4777
date: 2023-12-31 04:51:51.0 +01:00
}
} |
|
Show voter details
|
| 36 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4778
+user: Proxies\__CG__\App\Entity\User {#4779 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4594
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4032
+user: App\Entity\User {#3981 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
I’ll let folks with more security experience dive into your specific question, but another option is to host your website on something like Github pages (using a static website generator like [Jekyll](https://jekyllrb.com/)) and point Cloudflare at it. That way you don’t need anything pointed at your local network, get the uptime of Github, and still benefit from your own domain name.\n
\n
That’s what I’m doing with my own blog and it’s been great. Github provides the service for free but if they ever charge for it I’ll just start hosting it locally.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 55
+score: 0
+lastActive: DateTime @1710776618 {#4042
date: 2024-03-18 16:43:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4030 …}
+nested: Doctrine\ORM\PersistentCollection {#4028 …}
+votes: Doctrine\ORM\PersistentCollection {#4026 …}
+reports: Doctrine\ORM\PersistentCollection {#4024 …}
+favourites: Doctrine\ORM\PersistentCollection {#3992 …}
+notifications: Doctrine\ORM\PersistentCollection {#3996 …}
-id: 262121
-bodyTs: "'/))':36 'anoth':15 'anyth':48 'benefit':61 'blog':76 'charg':92 'cloudflar':39 'dive':9 'domain':65 'ever':91 'experi':8 'folk':4 'free':87 'generat':31 'get':54 'github':25,58,82 'great':81 'host':19,99 'jekyl':33 'jekyllrb.com':35 'jekyllrb.com/))':34 'let':3 'like':24,32 'll':2,96 'local':52,101 'm':71 'name':66 'need':47 'network':53 'option':16 'page':26 'point':38,49 'provid':83 'question':13 'secur':7 'servic':85 'someth':23 'specif':12 'start':98 'static':29 'still':60 'uptim':56 'use':27 'way':43 'websit':21,30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291190"
+editedAt: DateTimeImmutable @1709042202 {#3974
date: 2024-02-27 14:56:42.0 +01:00
}
+createdAt: DateTimeImmutable @1703857508 {#4041
date: 2023-12-29 14:45:08.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "OK that’s genius, I will definitely look into that!"
+lang: "en"
+isAdult: false
+favouriteCount: 14
+score: 0
+lastActive: DateTime @1703858384 {#4593
date: 2023-12-29 14:59:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4599 …}
+nested: Doctrine\ORM\PersistentCollection {#4600 …}
+votes: Doctrine\ORM\PersistentCollection {#4602 …}
+reports: Doctrine\ORM\PersistentCollection {#4606 …}
+favourites: Doctrine\ORM\PersistentCollection {#4608 …}
+notifications: Doctrine\ORM\PersistentCollection {#4610 …}
-id: 262150
-bodyTs: "'definit':7 'genius':4 'look':8 'ok':1"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453055"
+editedAt: null
+createdAt: DateTimeImmutable @1703858384 {#4596
date: 2023-12-29 14:59:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4032}
+body: "I do this via AWS amplify and it costs me a few cents a month as another option."
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703994711 {#4776
date: 2023-12-31 04:51:51.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@jgkawell@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4780 …}
+nested: Doctrine\ORM\PersistentCollection {#4782 …}
+votes: Doctrine\ORM\PersistentCollection {#4784 …}
+reports: Doctrine\ORM\PersistentCollection {#4786 …}
+favourites: Doctrine\ORM\PersistentCollection {#4788 …}
+notifications: Doctrine\ORM\PersistentCollection {#4790 …}
-id: 266586
-bodyTs: "'amplifi':6 'anoth':17 'aw':5 'cent':13 'cost':9 'month':15 'option':18 'via':4"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6314247"
+editedAt: null
+createdAt: DateTimeImmutable @1703994711 {#4777
date: 2023-12-31 04:51:51.0 +01:00
}
} |
|
Show voter details
|
| 37 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 38 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
} |
|
Show voter details
|
| 39 |
DENIED
|
edit
|
App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
} |
|
Show voter details
|
| 40 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
} |
|
Show voter details
|
| 41 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 42 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4614
+user: Proxies\__CG__\App\Entity\User {#4615 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I believe Oracle is still offering to slice off a bit of compute for free that should accomplish OP’s goal. I’ve used it to test a Jellyfin host among other things and for the price it can’t be beat!"
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1703858091 {#4612
date: 2023-12-29 14:54:51.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4616 …}
+nested: Doctrine\ORM\PersistentCollection {#4618 …}
+votes: Doctrine\ORM\PersistentCollection {#4620 …}
+reports: Doctrine\ORM\PersistentCollection {#4622 …}
+favourites: Doctrine\ORM\PersistentCollection {#4624 …}
+notifications: Doctrine\ORM\PersistentCollection {#4626 …}
-id: 262137
-bodyTs: "'accomplish':18 'among':31 'beat':42 'believ':2 'bit':11 'comput':13 'free':15 'goal':21 'host':30 'jellyfin':29 'offer':6 'op':19 'oracl':3 'price':37 'slice':8 'still':5 'test':27 'thing':33 'use':24 've':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291291"
+editedAt: null
+createdAt: DateTimeImmutable @1703858091 {#4613
date: 2023-12-29 14:54:51.0 +01:00
}
} |
|
Show voter details
|
| 43 |
DENIED
|
edit
|
App\Entity\EntryComment {#4614
+user: Proxies\__CG__\App\Entity\User {#4615 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I believe Oracle is still offering to slice off a bit of compute for free that should accomplish OP’s goal. I’ve used it to test a Jellyfin host among other things and for the price it can’t be beat!"
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1703858091 {#4612
date: 2023-12-29 14:54:51.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4616 …}
+nested: Doctrine\ORM\PersistentCollection {#4618 …}
+votes: Doctrine\ORM\PersistentCollection {#4620 …}
+reports: Doctrine\ORM\PersistentCollection {#4622 …}
+favourites: Doctrine\ORM\PersistentCollection {#4624 …}
+notifications: Doctrine\ORM\PersistentCollection {#4626 …}
-id: 262137
-bodyTs: "'accomplish':18 'among':31 'beat':42 'believ':2 'bit':11 'comput':13 'free':15 'goal':21 'host':30 'jellyfin':29 'offer':6 'op':19 'oracl':3 'price':37 'slice':8 'still':5 'test':27 'thing':33 'use':24 've':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291291"
+editedAt: null
+createdAt: DateTimeImmutable @1703858091 {#4613
date: 2023-12-29 14:54:51.0 +01:00
}
} |
|
Show voter details
|
| 44 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4614
+user: Proxies\__CG__\App\Entity\User {#4615 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I believe Oracle is still offering to slice off a bit of compute for free that should accomplish OP’s goal. I’ve used it to test a Jellyfin host among other things and for the price it can’t be beat!"
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1703858091 {#4612
date: 2023-12-29 14:54:51.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4616 …}
+nested: Doctrine\ORM\PersistentCollection {#4618 …}
+votes: Doctrine\ORM\PersistentCollection {#4620 …}
+reports: Doctrine\ORM\PersistentCollection {#4622 …}
+favourites: Doctrine\ORM\PersistentCollection {#4624 …}
+notifications: Doctrine\ORM\PersistentCollection {#4626 …}
-id: 262137
-bodyTs: "'accomplish':18 'among':31 'beat':42 'believ':2 'bit':11 'comput':13 'free':15 'goal':21 'host':30 'jellyfin':29 'offer':6 'op':19 'oracl':3 'price':37 'slice':8 'still':5 'test':27 'thing':33 'use':24 've':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291291"
+editedAt: null
+createdAt: DateTimeImmutable @1703858091 {#4613
date: 2023-12-29 14:54:51.0 +01:00
}
} |
|
Show voter details
|
| 45 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 46 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4718
+user: Proxies\__CG__\App\Entity\User {#4713 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4614
+user: Proxies\__CG__\App\Entity\User {#4615 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I believe Oracle is still offering to slice off a bit of compute for free that should accomplish OP’s goal. I’ve used it to test a Jellyfin host among other things and for the price it can’t be beat!"
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1703858091 {#4612
date: 2023-12-29 14:54:51.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4616 …}
+nested: Doctrine\ORM\PersistentCollection {#4618 …}
+votes: Doctrine\ORM\PersistentCollection {#4620 …}
+reports: Doctrine\ORM\PersistentCollection {#4622 …}
+favourites: Doctrine\ORM\PersistentCollection {#4624 …}
+notifications: Doctrine\ORM\PersistentCollection {#4626 …}
-id: 262137
-bodyTs: "'accomplish':18 'among':31 'beat':42 'believ':2 'bit':11 'comput':13 'free':15 'goal':21 'host':30 'jellyfin':29 'offer':6 'op':19 'oracl':3 'price':37 'slice':8 'still':5 'test':27 'thing':33 'use':24 've':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291291"
+editedAt: null
+createdAt: DateTimeImmutable @1703858091 {#4613
date: 2023-12-29 14:54:51.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I’ve been running a script every 60 seconds for 2 months now as a cron job and it still hasn’t been able to create a VM in their US datacenter. I just have a log full of “insufficient host capacity” errors."
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703990474 {#4719
date: 2023-12-31 03:41:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@Hominine@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4708 …}
+nested: Doctrine\ORM\PersistentCollection {#4712 …}
+votes: Doctrine\ORM\PersistentCollection {#4710 …}
+reports: Doctrine\ORM\PersistentCollection {#4723 …}
+favourites: Doctrine\ORM\PersistentCollection {#4725 …}
+notifications: Doctrine\ORM\PersistentCollection {#4727 …}
-id: 266460
-bodyTs: "'2':11 '60':8 'abl':24 'capac':42 'creat':26 'cron':16 'datacent':32 'error':43 'everi':7 'full':38 'hasn':21 'host':41 'insuffici':40 'job':17 'log':37 'month':12 'run':4 'script':6 'second':9 'still':20 'us':31 've':2 'vm':28"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6313646"
+editedAt: null
+createdAt: DateTimeImmutable @1703990474 {#4716
date: 2023-12-31 03:41:14.0 +01:00
}
} |
|
Show voter details
|
| 47 |
DENIED
|
edit
|
App\Entity\EntryComment {#4718
+user: Proxies\__CG__\App\Entity\User {#4713 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4614
+user: Proxies\__CG__\App\Entity\User {#4615 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I believe Oracle is still offering to slice off a bit of compute for free that should accomplish OP’s goal. I’ve used it to test a Jellyfin host among other things and for the price it can’t be beat!"
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1703858091 {#4612
date: 2023-12-29 14:54:51.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4616 …}
+nested: Doctrine\ORM\PersistentCollection {#4618 …}
+votes: Doctrine\ORM\PersistentCollection {#4620 …}
+reports: Doctrine\ORM\PersistentCollection {#4622 …}
+favourites: Doctrine\ORM\PersistentCollection {#4624 …}
+notifications: Doctrine\ORM\PersistentCollection {#4626 …}
-id: 262137
-bodyTs: "'accomplish':18 'among':31 'beat':42 'believ':2 'bit':11 'comput':13 'free':15 'goal':21 'host':30 'jellyfin':29 'offer':6 'op':19 'oracl':3 'price':37 'slice':8 'still':5 'test':27 'thing':33 'use':24 've':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291291"
+editedAt: null
+createdAt: DateTimeImmutable @1703858091 {#4613
date: 2023-12-29 14:54:51.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I’ve been running a script every 60 seconds for 2 months now as a cron job and it still hasn’t been able to create a VM in their US datacenter. I just have a log full of “insufficient host capacity” errors."
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703990474 {#4719
date: 2023-12-31 03:41:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@Hominine@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4708 …}
+nested: Doctrine\ORM\PersistentCollection {#4712 …}
+votes: Doctrine\ORM\PersistentCollection {#4710 …}
+reports: Doctrine\ORM\PersistentCollection {#4723 …}
+favourites: Doctrine\ORM\PersistentCollection {#4725 …}
+notifications: Doctrine\ORM\PersistentCollection {#4727 …}
-id: 266460
-bodyTs: "'2':11 '60':8 'abl':24 'capac':42 'creat':26 'cron':16 'datacent':32 'error':43 'everi':7 'full':38 'hasn':21 'host':41 'insuffici':40 'job':17 'log':37 'month':12 'run':4 'script':6 'second':9 'still':20 'us':31 've':2 'vm':28"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6313646"
+editedAt: null
+createdAt: DateTimeImmutable @1703990474 {#4716
date: 2023-12-31 03:41:14.0 +01:00
}
} |
|
Show voter details
|
| 48 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4718
+user: Proxies\__CG__\App\Entity\User {#4713 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4614
+user: Proxies\__CG__\App\Entity\User {#4615 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I believe Oracle is still offering to slice off a bit of compute for free that should accomplish OP’s goal. I’ve used it to test a Jellyfin host among other things and for the price it can’t be beat!"
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1703858091 {#4612
date: 2023-12-29 14:54:51.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4616 …}
+nested: Doctrine\ORM\PersistentCollection {#4618 …}
+votes: Doctrine\ORM\PersistentCollection {#4620 …}
+reports: Doctrine\ORM\PersistentCollection {#4622 …}
+favourites: Doctrine\ORM\PersistentCollection {#4624 …}
+notifications: Doctrine\ORM\PersistentCollection {#4626 …}
-id: 262137
-bodyTs: "'accomplish':18 'among':31 'beat':42 'believ':2 'bit':11 'comput':13 'free':15 'goal':21 'host':30 'jellyfin':29 'offer':6 'op':19 'oracl':3 'price':37 'slice':8 'still':5 'test':27 'thing':33 'use':24 've':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291291"
+editedAt: null
+createdAt: DateTimeImmutable @1703858091 {#4613
date: 2023-12-29 14:54:51.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I’ve been running a script every 60 seconds for 2 months now as a cron job and it still hasn’t been able to create a VM in their US datacenter. I just have a log full of “insufficient host capacity” errors."
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703990474 {#4719
date: 2023-12-31 03:41:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@Hominine@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4708 …}
+nested: Doctrine\ORM\PersistentCollection {#4712 …}
+votes: Doctrine\ORM\PersistentCollection {#4710 …}
+reports: Doctrine\ORM\PersistentCollection {#4723 …}
+favourites: Doctrine\ORM\PersistentCollection {#4725 …}
+notifications: Doctrine\ORM\PersistentCollection {#4727 …}
-id: 266460
-bodyTs: "'2':11 '60':8 'abl':24 'capac':42 'creat':26 'cron':16 'datacent':32 'error':43 'everi':7 'full':38 'hasn':21 'host':41 'insuffici':40 'job':17 'log':37 'month':12 'run':4 'script':6 'second':9 'still':20 'us':31 've':2 'vm':28"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6313646"
+editedAt: null
+createdAt: DateTimeImmutable @1703990474 {#4716
date: 2023-12-31 03:41:14.0 +01:00
}
} |
|
Show voter details
|
| 49 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 50 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
} |
|
Show voter details
|
| 51 |
DENIED
|
edit
|
App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
} |
|
Show voter details
|
| 52 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
} |
|
Show voter details
|
| 53 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 54 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4794
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Change the ssh port to something with 4-5 digits, disable ssh password Auth and use certificates only, don’t expose any port other than 443.\n
\n
If you’re paranoid, use cloudflare as a proxy and set the VPS firewall to only accept incoming traffic from cloudflares ip list.\n
\n
That’s about it really.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703864804 {#4792
date: 2023-12-29 16:46:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4795 …}
+nested: Doctrine\ORM\PersistentCollection {#4797 …}
+votes: Doctrine\ORM\PersistentCollection {#4799 …}
+reports: Doctrine\ORM\PersistentCollection {#4801 …}
+favourites: Doctrine\ORM\PersistentCollection {#4803 …}
+notifications: Doctrine\ORM\PersistentCollection {#4805 …}
-id: 262363
-bodyTs: "'-5':9 '4':8 '443':26 'accept':43 'auth':14 'certif':17 'chang':1 'cloudflar':32,47 'digit':10 'disabl':11 'expos':21 'firewal':40 'incom':44 'ip':48 'list':49 'paranoid':30 'password':13 'port':4,23 'proxi':35 're':29 'realli':54 'set':37 'someth':6 'ssh':3,12 'traffic':45 'use':16,31 'vps':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277515"
+editedAt: null
+createdAt: DateTimeImmutable @1703864804 {#4793
date: 2023-12-29 16:46:44.0 +01:00
}
} |
|
Show voter details
|
| 55 |
DENIED
|
edit
|
App\Entity\EntryComment {#4794
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Change the ssh port to something with 4-5 digits, disable ssh password Auth and use certificates only, don’t expose any port other than 443.\n
\n
If you’re paranoid, use cloudflare as a proxy and set the VPS firewall to only accept incoming traffic from cloudflares ip list.\n
\n
That’s about it really.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703864804 {#4792
date: 2023-12-29 16:46:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4795 …}
+nested: Doctrine\ORM\PersistentCollection {#4797 …}
+votes: Doctrine\ORM\PersistentCollection {#4799 …}
+reports: Doctrine\ORM\PersistentCollection {#4801 …}
+favourites: Doctrine\ORM\PersistentCollection {#4803 …}
+notifications: Doctrine\ORM\PersistentCollection {#4805 …}
-id: 262363
-bodyTs: "'-5':9 '4':8 '443':26 'accept':43 'auth':14 'certif':17 'chang':1 'cloudflar':32,47 'digit':10 'disabl':11 'expos':21 'firewal':40 'incom':44 'ip':48 'list':49 'paranoid':30 'password':13 'port':4,23 'proxi':35 're':29 'realli':54 'set':37 'someth':6 'ssh':3,12 'traffic':45 'use':16,31 'vps':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277515"
+editedAt: null
+createdAt: DateTimeImmutable @1703864804 {#4793
date: 2023-12-29 16:46:44.0 +01:00
}
} |
|
Show voter details
|
| 56 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4794
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Change the ssh port to something with 4-5 digits, disable ssh password Auth and use certificates only, don’t expose any port other than 443.\n
\n
If you’re paranoid, use cloudflare as a proxy and set the VPS firewall to only accept incoming traffic from cloudflares ip list.\n
\n
That’s about it really.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703864804 {#4792
date: 2023-12-29 16:46:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4795 …}
+nested: Doctrine\ORM\PersistentCollection {#4797 …}
+votes: Doctrine\ORM\PersistentCollection {#4799 …}
+reports: Doctrine\ORM\PersistentCollection {#4801 …}
+favourites: Doctrine\ORM\PersistentCollection {#4803 …}
+notifications: Doctrine\ORM\PersistentCollection {#4805 …}
-id: 262363
-bodyTs: "'-5':9 '4':8 '443':26 'accept':43 'auth':14 'certif':17 'chang':1 'cloudflar':32,47 'digit':10 'disabl':11 'expos':21 'firewal':40 'incom':44 'ip':48 'list':49 'paranoid':30 'password':13 'port':4,23 'proxi':35 're':29 'realli':54 'set':37 'someth':6 'ssh':3,12 'traffic':45 'use':16,31 'vps':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277515"
+editedAt: null
+createdAt: DateTimeImmutable @1703864804 {#4793
date: 2023-12-29 16:46:44.0 +01:00
}
} |
|
Show voter details
|
| 57 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 58 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4910
+user: Proxies\__CG__\App\Entity\User {#4911 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4794
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Change the ssh port to something with 4-5 digits, disable ssh password Auth and use certificates only, don’t expose any port other than 443.\n
\n
If you’re paranoid, use cloudflare as a proxy and set the VPS firewall to only accept incoming traffic from cloudflares ip list.\n
\n
That’s about it really.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703864804 {#4792
date: 2023-12-29 16:46:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4795 …}
+nested: Doctrine\ORM\PersistentCollection {#4797 …}
+votes: Doctrine\ORM\PersistentCollection {#4799 …}
+reports: Doctrine\ORM\PersistentCollection {#4801 …}
+favourites: Doctrine\ORM\PersistentCollection {#4803 …}
+notifications: Doctrine\ORM\PersistentCollection {#4805 …}
-id: 262363
-bodyTs: "'-5':9 '4':8 '443':26 'accept':43 'auth':14 'certif':17 'chang':1 'cloudflar':32,47 'digit':10 'disabl':11 'expos':21 'firewal':40 'incom':44 'ip':48 'list':49 'paranoid':30 'password':13 'port':4,23 'proxi':35 're':29 'realli':54 'set':37 'someth':6 'ssh':3,12 'traffic':45 'use':16,31 'vps':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277515"
+editedAt: null
+createdAt: DateTimeImmutable @1703864804 {#4793
date: 2023-12-29 16:46:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
The Oracle Cloud VPS only has SSH key authentication enabled by default. You can also set it to only allow SSH from your home IP in the virtual firewall before the machine is ever spun up.\n
\n
Their current free ARM offering is 1 machine with 4-cores and 24gb RAM for life. You can also add another 2 AMD machines with 1-core and 1gb RAM and still be in their free-tier.\n
\n
If you’re going to set it up and take advantage of the ARM machine, make sure you pick a home location for your account that has multiple availability zones. San Fran right now only has 1 zone, so if the shared ARM instances are all used up, you’ll have to wait a few days and try again. Phoenix I think has 3, so you can try with another zone right away.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703872203 {#4908
date: 2023-12-29 18:50:03.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
]
+children: Doctrine\ORM\PersistentCollection {#4912 …}
+nested: Doctrine\ORM\PersistentCollection {#4914 …}
+votes: Doctrine\ORM\PersistentCollection {#4916 …}
+reports: Doctrine\ORM\PersistentCollection {#4918 …}
+favourites: Doctrine\ORM\PersistentCollection {#4920 …}
+notifications: Doctrine\ORM\PersistentCollection {#4922 …}
-id: 262584
-bodyTs: "'1':43,62,111 '1gb':65 '2':58 '24gb':49 '3':138 '4':46 'account':99 'add':56 'advantag':85 'allow':20 'also':15,55 'amd':59 'anoth':57,144 'arm':40,88,117 'authent':9 'avail':103 'away':147 'cloud':3 'core':47,63 'current':38 'day':130 'default':12 'enabl':10 'ever':34 'firewal':29 'fran':106 'free':39,73 'free-tier':72 'go':78 'home':24,95 'instanc':118 'ip':25 'key':8 'life':52 'll':124 'locat':96 'machin':32,44,60,89 'make':90 'multipl':102 'offer':41 'oracl':2 'phoenix':134 'pick':93 'ram':50,66 're':77 'right':107,146 'san':105 'set':16,80 'share':116 'spun':35 'ssh':7,21 'still':68 'sure':91 'take':84 'think':136 'tier':74 'tri':132,142 'use':121 'virtual':28 'vps':4 'wait':127 'zone':104,112,145"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6279215"
+editedAt: null
+createdAt: DateTimeImmutable @1703872203 {#4909
date: 2023-12-29 18:50:03.0 +01:00
}
} |
|
Show voter details
|
| 59 |
DENIED
|
edit
|
App\Entity\EntryComment {#4910
+user: Proxies\__CG__\App\Entity\User {#4911 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4794
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Change the ssh port to something with 4-5 digits, disable ssh password Auth and use certificates only, don’t expose any port other than 443.\n
\n
If you’re paranoid, use cloudflare as a proxy and set the VPS firewall to only accept incoming traffic from cloudflares ip list.\n
\n
That’s about it really.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703864804 {#4792
date: 2023-12-29 16:46:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4795 …}
+nested: Doctrine\ORM\PersistentCollection {#4797 …}
+votes: Doctrine\ORM\PersistentCollection {#4799 …}
+reports: Doctrine\ORM\PersistentCollection {#4801 …}
+favourites: Doctrine\ORM\PersistentCollection {#4803 …}
+notifications: Doctrine\ORM\PersistentCollection {#4805 …}
-id: 262363
-bodyTs: "'-5':9 '4':8 '443':26 'accept':43 'auth':14 'certif':17 'chang':1 'cloudflar':32,47 'digit':10 'disabl':11 'expos':21 'firewal':40 'incom':44 'ip':48 'list':49 'paranoid':30 'password':13 'port':4,23 'proxi':35 're':29 'realli':54 'set':37 'someth':6 'ssh':3,12 'traffic':45 'use':16,31 'vps':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277515"
+editedAt: null
+createdAt: DateTimeImmutable @1703864804 {#4793
date: 2023-12-29 16:46:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
The Oracle Cloud VPS only has SSH key authentication enabled by default. You can also set it to only allow SSH from your home IP in the virtual firewall before the machine is ever spun up.\n
\n
Their current free ARM offering is 1 machine with 4-cores and 24gb RAM for life. You can also add another 2 AMD machines with 1-core and 1gb RAM and still be in their free-tier.\n
\n
If you’re going to set it up and take advantage of the ARM machine, make sure you pick a home location for your account that has multiple availability zones. San Fran right now only has 1 zone, so if the shared ARM instances are all used up, you’ll have to wait a few days and try again. Phoenix I think has 3, so you can try with another zone right away.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703872203 {#4908
date: 2023-12-29 18:50:03.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
]
+children: Doctrine\ORM\PersistentCollection {#4912 …}
+nested: Doctrine\ORM\PersistentCollection {#4914 …}
+votes: Doctrine\ORM\PersistentCollection {#4916 …}
+reports: Doctrine\ORM\PersistentCollection {#4918 …}
+favourites: Doctrine\ORM\PersistentCollection {#4920 …}
+notifications: Doctrine\ORM\PersistentCollection {#4922 …}
-id: 262584
-bodyTs: "'1':43,62,111 '1gb':65 '2':58 '24gb':49 '3':138 '4':46 'account':99 'add':56 'advantag':85 'allow':20 'also':15,55 'amd':59 'anoth':57,144 'arm':40,88,117 'authent':9 'avail':103 'away':147 'cloud':3 'core':47,63 'current':38 'day':130 'default':12 'enabl':10 'ever':34 'firewal':29 'fran':106 'free':39,73 'free-tier':72 'go':78 'home':24,95 'instanc':118 'ip':25 'key':8 'life':52 'll':124 'locat':96 'machin':32,44,60,89 'make':90 'multipl':102 'offer':41 'oracl':2 'phoenix':134 'pick':93 'ram':50,66 're':77 'right':107,146 'san':105 'set':16,80 'share':116 'spun':35 'ssh':7,21 'still':68 'sure':91 'take':84 'think':136 'tier':74 'tri':132,142 'use':121 'virtual':28 'vps':4 'wait':127 'zone':104,112,145"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6279215"
+editedAt: null
+createdAt: DateTimeImmutable @1703872203 {#4909
date: 2023-12-29 18:50:03.0 +01:00
}
} |
|
Show voter details
|
| 60 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4910
+user: Proxies\__CG__\App\Entity\User {#4911 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4794
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Change the ssh port to something with 4-5 digits, disable ssh password Auth and use certificates only, don’t expose any port other than 443.\n
\n
If you’re paranoid, use cloudflare as a proxy and set the VPS firewall to only accept incoming traffic from cloudflares ip list.\n
\n
That’s about it really.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703864804 {#4792
date: 2023-12-29 16:46:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4795 …}
+nested: Doctrine\ORM\PersistentCollection {#4797 …}
+votes: Doctrine\ORM\PersistentCollection {#4799 …}
+reports: Doctrine\ORM\PersistentCollection {#4801 …}
+favourites: Doctrine\ORM\PersistentCollection {#4803 …}
+notifications: Doctrine\ORM\PersistentCollection {#4805 …}
-id: 262363
-bodyTs: "'-5':9 '4':8 '443':26 'accept':43 'auth':14 'certif':17 'chang':1 'cloudflar':32,47 'digit':10 'disabl':11 'expos':21 'firewal':40 'incom':44 'ip':48 'list':49 'paranoid':30 'password':13 'port':4,23 'proxi':35 're':29 'realli':54 'set':37 'someth':6 'ssh':3,12 'traffic':45 'use':16,31 'vps':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277515"
+editedAt: null
+createdAt: DateTimeImmutable @1703864804 {#4793
date: 2023-12-29 16:46:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
The Oracle Cloud VPS only has SSH key authentication enabled by default. You can also set it to only allow SSH from your home IP in the virtual firewall before the machine is ever spun up.\n
\n
Their current free ARM offering is 1 machine with 4-cores and 24gb RAM for life. You can also add another 2 AMD machines with 1-core and 1gb RAM and still be in their free-tier.\n
\n
If you’re going to set it up and take advantage of the ARM machine, make sure you pick a home location for your account that has multiple availability zones. San Fran right now only has 1 zone, so if the shared ARM instances are all used up, you’ll have to wait a few days and try again. Phoenix I think has 3, so you can try with another zone right away.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703872203 {#4908
date: 2023-12-29 18:50:03.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
]
+children: Doctrine\ORM\PersistentCollection {#4912 …}
+nested: Doctrine\ORM\PersistentCollection {#4914 …}
+votes: Doctrine\ORM\PersistentCollection {#4916 …}
+reports: Doctrine\ORM\PersistentCollection {#4918 …}
+favourites: Doctrine\ORM\PersistentCollection {#4920 …}
+notifications: Doctrine\ORM\PersistentCollection {#4922 …}
-id: 262584
-bodyTs: "'1':43,62,111 '1gb':65 '2':58 '24gb':49 '3':138 '4':46 'account':99 'add':56 'advantag':85 'allow':20 'also':15,55 'amd':59 'anoth':57,144 'arm':40,88,117 'authent':9 'avail':103 'away':147 'cloud':3 'core':47,63 'current':38 'day':130 'default':12 'enabl':10 'ever':34 'firewal':29 'fran':106 'free':39,73 'free-tier':72 'go':78 'home':24,95 'instanc':118 'ip':25 'key':8 'life':52 'll':124 'locat':96 'machin':32,44,60,89 'make':90 'multipl':102 'offer':41 'oracl':2 'phoenix':134 'pick':93 'ram':50,66 're':77 'right':107,146 'san':105 'set':16,80 'share':116 'spun':35 'ssh':7,21 'still':68 'sure':91 'take':84 'think':136 'tier':74 'tri':132,142 'use':121 'virtual':28 'vps':4 'wait':127 'zone':104,112,145"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6279215"
+editedAt: null
+createdAt: DateTimeImmutable @1703872203 {#4909
date: 2023-12-29 18:50:03.0 +01:00
}
} |
|
Show voter details
|
| 61 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 62 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4926
+user: Proxies\__CG__\App\Entity\User {#4927 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4794
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Change the ssh port to something with 4-5 digits, disable ssh password Auth and use certificates only, don’t expose any port other than 443.\n
\n
If you’re paranoid, use cloudflare as a proxy and set the VPS firewall to only accept incoming traffic from cloudflares ip list.\n
\n
That’s about it really.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703864804 {#4792
date: 2023-12-29 16:46:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4795 …}
+nested: Doctrine\ORM\PersistentCollection {#4797 …}
+votes: Doctrine\ORM\PersistentCollection {#4799 …}
+reports: Doctrine\ORM\PersistentCollection {#4801 …}
+favourites: Doctrine\ORM\PersistentCollection {#4803 …}
+notifications: Doctrine\ORM\PersistentCollection {#4805 …}
-id: 262363
-bodyTs: "'-5':9 '4':8 '443':26 'accept':43 'auth':14 'certif':17 'chang':1 'cloudflar':32,47 'digit':10 'disabl':11 'expos':21 'firewal':40 'incom':44 'ip':48 'list':49 'paranoid':30 'password':13 'port':4,23 'proxi':35 're':29 'realli':54 'set':37 'someth':6 'ssh':3,12 'traffic':45 'use':16,31 'vps':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277515"
+editedAt: null
+createdAt: DateTimeImmutable @1703864804 {#4793
date: 2023-12-29 16:46:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I guess I’m extremely paranoid then, my home IP doesn’t change much and I just expose the port only to it from Oracle’s site. I rarely touch mine though."
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703886354 {#4924
date: 2023-12-29 22:45:54.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
]
+children: Doctrine\ORM\PersistentCollection {#4928 …}
+nested: Doctrine\ORM\PersistentCollection {#4930 …}
+votes: Doctrine\ORM\PersistentCollection {#4932 …}
+reports: Doctrine\ORM\PersistentCollection {#4934 …}
+favourites: Doctrine\ORM\PersistentCollection {#4936 …}
+notifications: Doctrine\ORM\PersistentCollection {#4938 …}
-id: 263190
-bodyTs: "'chang':13 'doesn':11 'expos':18 'extrem':5 'guess':2 'home':9 'ip':10 'm':4 'mine':31 'much':14 'oracl':25 'paranoid':6 'port':20 'rare':29 'site':27 'though':32 'touch':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6296729"
+editedAt: null
+createdAt: DateTimeImmutable @1703886354 {#4925
date: 2023-12-29 22:45:54.0 +01:00
}
} |
|
Show voter details
|
| 63 |
DENIED
|
edit
|
App\Entity\EntryComment {#4926
+user: Proxies\__CG__\App\Entity\User {#4927 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4794
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Change the ssh port to something with 4-5 digits, disable ssh password Auth and use certificates only, don’t expose any port other than 443.\n
\n
If you’re paranoid, use cloudflare as a proxy and set the VPS firewall to only accept incoming traffic from cloudflares ip list.\n
\n
That’s about it really.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703864804 {#4792
date: 2023-12-29 16:46:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4795 …}
+nested: Doctrine\ORM\PersistentCollection {#4797 …}
+votes: Doctrine\ORM\PersistentCollection {#4799 …}
+reports: Doctrine\ORM\PersistentCollection {#4801 …}
+favourites: Doctrine\ORM\PersistentCollection {#4803 …}
+notifications: Doctrine\ORM\PersistentCollection {#4805 …}
-id: 262363
-bodyTs: "'-5':9 '4':8 '443':26 'accept':43 'auth':14 'certif':17 'chang':1 'cloudflar':32,47 'digit':10 'disabl':11 'expos':21 'firewal':40 'incom':44 'ip':48 'list':49 'paranoid':30 'password':13 'port':4,23 'proxi':35 're':29 'realli':54 'set':37 'someth':6 'ssh':3,12 'traffic':45 'use':16,31 'vps':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277515"
+editedAt: null
+createdAt: DateTimeImmutable @1703864804 {#4793
date: 2023-12-29 16:46:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I guess I’m extremely paranoid then, my home IP doesn’t change much and I just expose the port only to it from Oracle’s site. I rarely touch mine though."
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703886354 {#4924
date: 2023-12-29 22:45:54.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
]
+children: Doctrine\ORM\PersistentCollection {#4928 …}
+nested: Doctrine\ORM\PersistentCollection {#4930 …}
+votes: Doctrine\ORM\PersistentCollection {#4932 …}
+reports: Doctrine\ORM\PersistentCollection {#4934 …}
+favourites: Doctrine\ORM\PersistentCollection {#4936 …}
+notifications: Doctrine\ORM\PersistentCollection {#4938 …}
-id: 263190
-bodyTs: "'chang':13 'doesn':11 'expos':18 'extrem':5 'guess':2 'home':9 'ip':10 'm':4 'mine':31 'much':14 'oracl':25 'paranoid':6 'port':20 'rare':29 'site':27 'though':32 'touch':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6296729"
+editedAt: null
+createdAt: DateTimeImmutable @1703886354 {#4925
date: 2023-12-29 22:45:54.0 +01:00
}
} |
|
Show voter details
|
| 64 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4926
+user: Proxies\__CG__\App\Entity\User {#4927 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4794
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Change the ssh port to something with 4-5 digits, disable ssh password Auth and use certificates only, don’t expose any port other than 443.\n
\n
If you’re paranoid, use cloudflare as a proxy and set the VPS firewall to only accept incoming traffic from cloudflares ip list.\n
\n
That’s about it really.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703864804 {#4792
date: 2023-12-29 16:46:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4795 …}
+nested: Doctrine\ORM\PersistentCollection {#4797 …}
+votes: Doctrine\ORM\PersistentCollection {#4799 …}
+reports: Doctrine\ORM\PersistentCollection {#4801 …}
+favourites: Doctrine\ORM\PersistentCollection {#4803 …}
+notifications: Doctrine\ORM\PersistentCollection {#4805 …}
-id: 262363
-bodyTs: "'-5':9 '4':8 '443':26 'accept':43 'auth':14 'certif':17 'chang':1 'cloudflar':32,47 'digit':10 'disabl':11 'expos':21 'firewal':40 'incom':44 'ip':48 'list':49 'paranoid':30 'password':13 'port':4,23 'proxi':35 're':29 'realli':54 'set':37 'someth':6 'ssh':3,12 'traffic':45 'use':16,31 'vps':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277515"
+editedAt: null
+createdAt: DateTimeImmutable @1703864804 {#4793
date: 2023-12-29 16:46:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I guess I’m extremely paranoid then, my home IP doesn’t change much and I just expose the port only to it from Oracle’s site. I rarely touch mine though."
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703886354 {#4924
date: 2023-12-29 22:45:54.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
]
+children: Doctrine\ORM\PersistentCollection {#4928 …}
+nested: Doctrine\ORM\PersistentCollection {#4930 …}
+votes: Doctrine\ORM\PersistentCollection {#4932 …}
+reports: Doctrine\ORM\PersistentCollection {#4934 …}
+favourites: Doctrine\ORM\PersistentCollection {#4936 …}
+notifications: Doctrine\ORM\PersistentCollection {#4938 …}
-id: 263190
-bodyTs: "'chang':13 'doesn':11 'expos':18 'extrem':5 'guess':2 'home':9 'ip':10 'm':4 'mine':31 'much':14 'oracl':25 'paranoid':6 'port':20 'rare':29 'site':27 'though':32 'touch':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6296729"
+editedAt: null
+createdAt: DateTimeImmutable @1703886354 {#4925
date: 2023-12-29 22:45:54.0 +01:00
}
} |
|
Show voter details
|
| 65 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 66 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4943
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4794
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Change the ssh port to something with 4-5 digits, disable ssh password Auth and use certificates only, don’t expose any port other than 443.\n
\n
If you’re paranoid, use cloudflare as a proxy and set the VPS firewall to only accept incoming traffic from cloudflares ip list.\n
\n
That’s about it really.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703864804 {#4792
date: 2023-12-29 16:46:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4795 …}
+nested: Doctrine\ORM\PersistentCollection {#4797 …}
+votes: Doctrine\ORM\PersistentCollection {#4799 …}
+reports: Doctrine\ORM\PersistentCollection {#4801 …}
+favourites: Doctrine\ORM\PersistentCollection {#4803 …}
+notifications: Doctrine\ORM\PersistentCollection {#4805 …}
-id: 262363
-bodyTs: "'-5':9 '4':8 '443':26 'accept':43 'auth':14 'certif':17 'chang':1 'cloudflar':32,47 'digit':10 'disabl':11 'expos':21 'firewal':40 'incom':44 'ip':48 'list':49 'paranoid':30 'password':13 'port':4,23 'proxi':35 're':29 'realli':54 'set':37 'someth':6 'ssh':3,12 'traffic':45 'use':16,31 'vps':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277515"
+editedAt: null
+createdAt: DateTimeImmutable @1703864804 {#4793
date: 2023-12-29 16:46:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Changing port is security by obscurity and it doesn’t take much time for botnets to scan all of IPV4 space on all ports. See for example the ever updated list that’s [available on Shodan](https://www.shodan.io/host/51.77.203.116).\n
\n
Disable password login and use certificates as you’ve suggested already, add fail2ban to block random drive-bys, and you’re off to the races.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1703899760 {#4940
date: 2023-12-30 02:29:20.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
]
+children: Doctrine\ORM\PersistentCollection {#4944 …}
+nested: Doctrine\ORM\PersistentCollection {#4946 …}
+votes: Doctrine\ORM\PersistentCollection {#4948 …}
+reports: Doctrine\ORM\PersistentCollection {#4950 …}
+favourites: Doctrine\ORM\PersistentCollection {#4952 …}
+notifications: Doctrine\ORM\PersistentCollection {#4954 …}
-id: 263726
-bodyTs: "'/host/51.77.203.116).':39 'add':51 'alreadi':50 'avail':34 'block':54 'botnet':15 'bys':58 'certif':45 'chang':1 'disabl':40 'doesn':9 'drive':57 'drive-bi':56 'ever':29 'exampl':27 'fail2ban':52 'ipv4':20 'list':31 'login':42 'much':12 'obscur':6 'password':41 'port':2,24 'race':65 'random':55 're':61 'scan':17 'secur':4 'see':25 'shodan':36 'space':21 'suggest':49 'take':11 'time':13 'updat':30 'use':44 've':48 'www.shodan.io':38 'www.shodan.io/host/51.77.203.116).':37"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417120"
+editedAt: DateTimeImmutable @1709699920 {#4941
date: 2024-03-06 05:38:40.0 +01:00
}
+createdAt: DateTimeImmutable @1703899760 {#4942
date: 2023-12-30 02:29:20.0 +01:00
}
} |
|
Show voter details
|
| 67 |
DENIED
|
edit
|
App\Entity\EntryComment {#4943
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4794
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Change the ssh port to something with 4-5 digits, disable ssh password Auth and use certificates only, don’t expose any port other than 443.\n
\n
If you’re paranoid, use cloudflare as a proxy and set the VPS firewall to only accept incoming traffic from cloudflares ip list.\n
\n
That’s about it really.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703864804 {#4792
date: 2023-12-29 16:46:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4795 …}
+nested: Doctrine\ORM\PersistentCollection {#4797 …}
+votes: Doctrine\ORM\PersistentCollection {#4799 …}
+reports: Doctrine\ORM\PersistentCollection {#4801 …}
+favourites: Doctrine\ORM\PersistentCollection {#4803 …}
+notifications: Doctrine\ORM\PersistentCollection {#4805 …}
-id: 262363
-bodyTs: "'-5':9 '4':8 '443':26 'accept':43 'auth':14 'certif':17 'chang':1 'cloudflar':32,47 'digit':10 'disabl':11 'expos':21 'firewal':40 'incom':44 'ip':48 'list':49 'paranoid':30 'password':13 'port':4,23 'proxi':35 're':29 'realli':54 'set':37 'someth':6 'ssh':3,12 'traffic':45 'use':16,31 'vps':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277515"
+editedAt: null
+createdAt: DateTimeImmutable @1703864804 {#4793
date: 2023-12-29 16:46:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Changing port is security by obscurity and it doesn’t take much time for botnets to scan all of IPV4 space on all ports. See for example the ever updated list that’s [available on Shodan](https://www.shodan.io/host/51.77.203.116).\n
\n
Disable password login and use certificates as you’ve suggested already, add fail2ban to block random drive-bys, and you’re off to the races.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1703899760 {#4940
date: 2023-12-30 02:29:20.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
]
+children: Doctrine\ORM\PersistentCollection {#4944 …}
+nested: Doctrine\ORM\PersistentCollection {#4946 …}
+votes: Doctrine\ORM\PersistentCollection {#4948 …}
+reports: Doctrine\ORM\PersistentCollection {#4950 …}
+favourites: Doctrine\ORM\PersistentCollection {#4952 …}
+notifications: Doctrine\ORM\PersistentCollection {#4954 …}
-id: 263726
-bodyTs: "'/host/51.77.203.116).':39 'add':51 'alreadi':50 'avail':34 'block':54 'botnet':15 'bys':58 'certif':45 'chang':1 'disabl':40 'doesn':9 'drive':57 'drive-bi':56 'ever':29 'exampl':27 'fail2ban':52 'ipv4':20 'list':31 'login':42 'much':12 'obscur':6 'password':41 'port':2,24 'race':65 'random':55 're':61 'scan':17 'secur':4 'see':25 'shodan':36 'space':21 'suggest':49 'take':11 'time':13 'updat':30 'use':44 've':48 'www.shodan.io':38 'www.shodan.io/host/51.77.203.116).':37"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417120"
+editedAt: DateTimeImmutable @1709699920 {#4941
date: 2024-03-06 05:38:40.0 +01:00
}
+createdAt: DateTimeImmutable @1703899760 {#4942
date: 2023-12-30 02:29:20.0 +01:00
}
} |
|
Show voter details
|
| 68 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4943
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4794
+user: Proxies\__CG__\App\Entity\User {#4763 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Change the ssh port to something with 4-5 digits, disable ssh password Auth and use certificates only, don’t expose any port other than 443.\n
\n
If you’re paranoid, use cloudflare as a proxy and set the VPS firewall to only accept incoming traffic from cloudflares ip list.\n
\n
That’s about it really.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703864804 {#4792
date: 2023-12-29 16:46:44.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4795 …}
+nested: Doctrine\ORM\PersistentCollection {#4797 …}
+votes: Doctrine\ORM\PersistentCollection {#4799 …}
+reports: Doctrine\ORM\PersistentCollection {#4801 …}
+favourites: Doctrine\ORM\PersistentCollection {#4803 …}
+notifications: Doctrine\ORM\PersistentCollection {#4805 …}
-id: 262363
-bodyTs: "'-5':9 '4':8 '443':26 'accept':43 'auth':14 'certif':17 'chang':1 'cloudflar':32,47 'digit':10 'disabl':11 'expos':21 'firewal':40 'incom':44 'ip':48 'list':49 'paranoid':30 'password':13 'port':4,23 'proxi':35 're':29 'realli':54 'set':37 'someth':6 'ssh':3,12 'traffic':45 'use':16,31 'vps':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.dbzer0.com/comment/6277515"
+editedAt: null
+createdAt: DateTimeImmutable @1703864804 {#4793
date: 2023-12-29 16:46:44.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: """
Changing port is security by obscurity and it doesn’t take much time for botnets to scan all of IPV4 space on all ports. See for example the ever updated list that’s [available on Shodan](https://www.shodan.io/host/51.77.203.116).\n
\n
Disable password login and use certificates as you’ve suggested already, add fail2ban to block random drive-bys, and you’re off to the races.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1703899760 {#4940
date: 2023-12-30 02:29:20.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
"@7Sea_Sailor@lemmy.dbzer0.com"
]
+children: Doctrine\ORM\PersistentCollection {#4944 …}
+nested: Doctrine\ORM\PersistentCollection {#4946 …}
+votes: Doctrine\ORM\PersistentCollection {#4948 …}
+reports: Doctrine\ORM\PersistentCollection {#4950 …}
+favourites: Doctrine\ORM\PersistentCollection {#4952 …}
+notifications: Doctrine\ORM\PersistentCollection {#4954 …}
-id: 263726
-bodyTs: "'/host/51.77.203.116).':39 'add':51 'alreadi':50 'avail':34 'block':54 'botnet':15 'bys':58 'certif':45 'chang':1 'disabl':40 'doesn':9 'drive':57 'drive-bi':56 'ever':29 'exampl':27 'fail2ban':52 'ipv4':20 'list':31 'login':42 'much':12 'obscur':6 'password':41 'port':2,24 'race':65 'random':55 're':61 'scan':17 'secur':4 'see':25 'shodan':36 'space':21 'suggest':49 'take':11 'time':13 'updat':30 'use':44 've':48 'www.shodan.io':38 'www.shodan.io/host/51.77.203.116).':37"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417120"
+editedAt: DateTimeImmutable @1709699920 {#4941
date: 2024-03-06 05:38:40.0 +01:00
}
+createdAt: DateTimeImmutable @1703899760 {#4942
date: 2023-12-30 02:29:20.0 +01:00
}
} |
|
Show voter details
|
| 69 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 70 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4809
+user: Proxies\__CG__\App\Entity\User {#4810 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I just restrict SSH to an internal VPN IP on all my servers (ZeroTier). 100% impossible to even try logging into them unless you’ve managed to crack into my network first."
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1704202107 {#4807
date: 2024-01-02 14:28:27.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4811 …}
+nested: Doctrine\ORM\PersistentCollection {#4813 …}
+votes: Doctrine\ORM\PersistentCollection {#4815 …}
+reports: Doctrine\ORM\PersistentCollection {#4817 …}
+favourites: Doctrine\ORM\PersistentCollection {#4819 …}
+notifications: Doctrine\ORM\PersistentCollection {#4821 …}
-id: 273385
-bodyTs: "'100':15 'crack':28 'even':18 'first':32 'imposs':16 'intern':7 'ip':9 'log':20 'manag':26 'network':31 'restrict':3 'server':13 'ssh':4 'tri':19 'unless':23 've':25 'vpn':8 'zeroti':14"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://fuck.markets/comment/77520"
+editedAt: null
+createdAt: DateTimeImmutable @1704202107 {#4808
date: 2024-01-02 14:28:27.0 +01:00
}
} |
|
Show voter details
|
| 71 |
DENIED
|
edit
|
App\Entity\EntryComment {#4809
+user: Proxies\__CG__\App\Entity\User {#4810 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I just restrict SSH to an internal VPN IP on all my servers (ZeroTier). 100% impossible to even try logging into them unless you’ve managed to crack into my network first."
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1704202107 {#4807
date: 2024-01-02 14:28:27.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4811 …}
+nested: Doctrine\ORM\PersistentCollection {#4813 …}
+votes: Doctrine\ORM\PersistentCollection {#4815 …}
+reports: Doctrine\ORM\PersistentCollection {#4817 …}
+favourites: Doctrine\ORM\PersistentCollection {#4819 …}
+notifications: Doctrine\ORM\PersistentCollection {#4821 …}
-id: 273385
-bodyTs: "'100':15 'crack':28 'even':18 'first':32 'imposs':16 'intern':7 'ip':9 'log':20 'manag':26 'network':31 'restrict':3 'server':13 'ssh':4 'tri':19 'unless':23 've':25 'vpn':8 'zeroti':14"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://fuck.markets/comment/77520"
+editedAt: null
+createdAt: DateTimeImmutable @1704202107 {#4808
date: 2024-01-02 14:28:27.0 +01:00
}
} |
|
Show voter details
|
| 72 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4809
+user: Proxies\__CG__\App\Entity\User {#4810 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4630
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "A VPS makes sense insofar as keeping things thoroughly isolated from my own systems, but the overhead of maintaining a box that’s directly connected to the Internet like that isn’t something I’m keen on and I’m not convinced I’d have the expertise to do it right from the outset."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703859235 {#4628
date: 2023-12-29 15:13:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4631 …}
+nested: Doctrine\ORM\PersistentCollection {#4633 …}
+votes: Doctrine\ORM\PersistentCollection {#4635 …}
+reports: Doctrine\ORM\PersistentCollection {#4637 …}
+favourites: Doctrine\ORM\PersistentCollection {#4639 …}
+notifications: Doctrine\ORM\PersistentCollection {#4641 …}
-id: 262184
-bodyTs: "'box':21 'connect':25 'convinc':42 'd':44 'direct':24 'expertis':47 'insofar':5 'internet':28 'isn':31 'isol':10 'keen':36 'keep':7 'like':29 'm':35,40 'maintain':19 'make':3 'outset':54 'overhead':17 'right':51 'sens':4 'someth':33 'system':14 'thing':8 'thorough':9 'vps':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5453190"
+editedAt: null
+createdAt: DateTimeImmutable @1703859235 {#4629
date: 2023-12-29 15:13:55.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "I just restrict SSH to an internal VPN IP on all my servers (ZeroTier). 100% impossible to even try logging into them unless you’ve managed to crack into my network first."
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1704202107 {#4807
date: 2024-01-02 14:28:27.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4811 …}
+nested: Doctrine\ORM\PersistentCollection {#4813 …}
+votes: Doctrine\ORM\PersistentCollection {#4815 …}
+reports: Doctrine\ORM\PersistentCollection {#4817 …}
+favourites: Doctrine\ORM\PersistentCollection {#4819 …}
+notifications: Doctrine\ORM\PersistentCollection {#4821 …}
-id: 273385
-bodyTs: "'100':15 'crack':28 'even':18 'first':32 'imposs':16 'intern':7 'ip':9 'log':20 'manag':26 'network':31 'restrict':3 'server':13 'ssh':4 'tri':19 'unless':23 've':25 'vpn':8 'zeroti':14"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://fuck.markets/comment/77520"
+editedAt: null
+createdAt: DateTimeImmutable @1704202107 {#4808
date: 2024-01-02 14:28:27.0 +01:00
}
} |
|
Show voter details
|
| 73 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 74 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4645
+user: Proxies\__CG__\App\Entity\User {#4646 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "+1 for VPS, the ionos ones are $2/mo and have unlimited bandwidth at 400mbps. That’s basically the cost of electricity for a home server with orders of magnitude better reliability."
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703986801 {#4643
date: 2023-12-31 02:40:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4647 …}
+nested: Doctrine\ORM\PersistentCollection {#4649 …}
+votes: Doctrine\ORM\PersistentCollection {#4651 …}
+reports: Doctrine\ORM\PersistentCollection {#4653 …}
+favourites: Doctrine\ORM\PersistentCollection {#4655 …}
+notifications: Doctrine\ORM\PersistentCollection {#4657 …}
-id: 266277
-bodyTs: "'+1':1 '2/mo':8 '400mbps':14 'bandwidth':12 'basic':17 'better':30 'cost':19 'electr':21 'home':24 'iono':5 'magnitud':29 'one':6 'order':27 'reliabl':31 'server':25 'unlimit':11 'vps':3"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.ml/comment/6966577"
+editedAt: null
+createdAt: DateTimeImmutable @1703986801 {#4644
date: 2023-12-31 02:40:01.0 +01:00
}
} |
|
Show voter details
|
| 75 |
DENIED
|
edit
|
App\Entity\EntryComment {#4645
+user: Proxies\__CG__\App\Entity\User {#4646 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "+1 for VPS, the ionos ones are $2/mo and have unlimited bandwidth at 400mbps. That’s basically the cost of electricity for a home server with orders of magnitude better reliability."
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703986801 {#4643
date: 2023-12-31 02:40:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4647 …}
+nested: Doctrine\ORM\PersistentCollection {#4649 …}
+votes: Doctrine\ORM\PersistentCollection {#4651 …}
+reports: Doctrine\ORM\PersistentCollection {#4653 …}
+favourites: Doctrine\ORM\PersistentCollection {#4655 …}
+notifications: Doctrine\ORM\PersistentCollection {#4657 …}
-id: 266277
-bodyTs: "'+1':1 '2/mo':8 '400mbps':14 'bandwidth':12 'basic':17 'better':30 'cost':19 'electr':21 'home':24 'iono':5 'magnitud':29 'one':6 'order':27 'reliabl':31 'server':25 'unlimit':11 'vps':3"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.ml/comment/6966577"
+editedAt: null
+createdAt: DateTimeImmutable @1703986801 {#4644
date: 2023-12-31 02:40:01.0 +01:00
}
} |
|
Show voter details
|
| 76 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4645
+user: Proxies\__CG__\App\Entity\User {#4646 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4076
+user: App\Entity\User {#4058 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I know it’s not technically “self” hosted but I’d get a cheap yearly VPS somewhere and run a webserver off of that.For me its worth the peace of mind to keep my network a temple instead of a bus terminal. I paid $13 usd for the year for mine"
+lang: "en"
+isAdult: false
+favouriteCount: 24
+score: 0
+lastActive: DateTime @1710850621 {#4084
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4074 …}
+nested: Doctrine\ORM\PersistentCollection {#4072 …}
+votes: Doctrine\ORM\PersistentCollection {#4070 …}
+reports: Doctrine\ORM\PersistentCollection {#4069 …}
+favourites: Doctrine\ORM\PersistentCollection {#4060 …}
+notifications: Doctrine\ORM\PersistentCollection {#4063 …}
-id: 262129
-bodyTs: "'13':45 'bus':41 'cheap':14 'd':11 'get':12 'host':8 'instead':38 'keep':33 'know':2 'mind':31 'mine':51 'network':35 'paid':44 'peac':29 'run':19 'self':7 'somewher':17 'technic':6 'templ':37 'termin':42 'that.for':24 'usd':46 'vps':16 'webserv':21 'worth':27 'year':15,49"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291235"
+editedAt: null
+createdAt: DateTimeImmutable @1703857759 {#4081
date: 2023-12-29 14:49:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4076}
+body: "+1 for VPS, the ionos ones are $2/mo and have unlimited bandwidth at 400mbps. That’s basically the cost of electricity for a home server with orders of magnitude better reliability."
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703986801 {#4643
date: 2023-12-31 02:40:01.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@crsu@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4647 …}
+nested: Doctrine\ORM\PersistentCollection {#4649 …}
+votes: Doctrine\ORM\PersistentCollection {#4651 …}
+reports: Doctrine\ORM\PersistentCollection {#4653 …}
+favourites: Doctrine\ORM\PersistentCollection {#4655 …}
+notifications: Doctrine\ORM\PersistentCollection {#4657 …}
-id: 266277
-bodyTs: "'+1':1 '2/mo':8 '400mbps':14 'bandwidth':12 'basic':17 'better':30 'cost':19 'electr':21 'home':24 'iono':5 'magnitud':29 'one':6 'order':27 'reliabl':31 'server':25 'unlimit':11 'vps':3"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.ml/comment/6966577"
+editedAt: null
+createdAt: DateTimeImmutable @1703986801 {#4644
date: 2023-12-31 02:40:01.0 +01:00
}
} |
|
Show voter details
|
| 77 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 78 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
} |
|
Show voter details
|
| 79 |
DENIED
|
edit
|
App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
} |
|
Show voter details
|
| 80 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
} |
|
Show voter details
|
| 81 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 82 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
} |
|
Show voter details
|
| 83 |
DENIED
|
edit
|
App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
} |
|
Show voter details
|
| 84 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
} |
|
Show voter details
|
| 85 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 86 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4825
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "Cloudflare tunnel is a thin client that runs on your machine to Cloudflare; when there’s a request from outside to Cloudflare, it relays it via the established tunnel to the machine. As such, your machine only need outbound internet access (to Cloudflare servers) and no need for inbound access (I.e. port forwarding)."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703899288 {#4823
date: 2023-12-30 02:21:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4827 …}
+nested: Doctrine\ORM\PersistentCollection {#4829 …}
+votes: Doctrine\ORM\PersistentCollection {#4831 …}
+reports: Doctrine\ORM\PersistentCollection {#4833 …}
+favourites: Doctrine\ORM\PersistentCollection {#4835 …}
+notifications: Doctrine\ORM\PersistentCollection {#4837 …}
-id: 263712
-bodyTs: "'access':41,50 'client':6 'cloudflar':1,13,22,43 'establish':28 'forward':53 'i.e':51 'inbound':49 'internet':40 'machin':11,32,36 'need':38,47 'outbound':39 'outsid':20 'port':52 'relay':24 'request':18 'run':8 'server':44 'thin':5 'tunnel':2,29 'via':26"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417100"
+editedAt: null
+createdAt: DateTimeImmutable @1703899288 {#4824
date: 2023-12-30 02:21:28.0 +01:00
}
} |
|
Show voter details
|
| 87 |
DENIED
|
edit
|
App\Entity\EntryComment {#4825
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "Cloudflare tunnel is a thin client that runs on your machine to Cloudflare; when there’s a request from outside to Cloudflare, it relays it via the established tunnel to the machine. As such, your machine only need outbound internet access (to Cloudflare servers) and no need for inbound access (I.e. port forwarding)."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703899288 {#4823
date: 2023-12-30 02:21:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4827 …}
+nested: Doctrine\ORM\PersistentCollection {#4829 …}
+votes: Doctrine\ORM\PersistentCollection {#4831 …}
+reports: Doctrine\ORM\PersistentCollection {#4833 …}
+favourites: Doctrine\ORM\PersistentCollection {#4835 …}
+notifications: Doctrine\ORM\PersistentCollection {#4837 …}
-id: 263712
-bodyTs: "'access':41,50 'client':6 'cloudflar':1,13,22,43 'establish':28 'forward':53 'i.e':51 'inbound':49 'internet':40 'machin':11,32,36 'need':38,47 'outbound':39 'outsid':20 'port':52 'relay':24 'request':18 'run':8 'server':44 'thin':5 'tunnel':2,29 'via':26"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417100"
+editedAt: null
+createdAt: DateTimeImmutable @1703899288 {#4824
date: 2023-12-30 02:21:28.0 +01:00
}
} |
|
Show voter details
|
| 88 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4825
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "Cloudflare tunnel is a thin client that runs on your machine to Cloudflare; when there’s a request from outside to Cloudflare, it relays it via the established tunnel to the machine. As such, your machine only need outbound internet access (to Cloudflare servers) and no need for inbound access (I.e. port forwarding)."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703899288 {#4823
date: 2023-12-30 02:21:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4827 …}
+nested: Doctrine\ORM\PersistentCollection {#4829 …}
+votes: Doctrine\ORM\PersistentCollection {#4831 …}
+reports: Doctrine\ORM\PersistentCollection {#4833 …}
+favourites: Doctrine\ORM\PersistentCollection {#4835 …}
+notifications: Doctrine\ORM\PersistentCollection {#4837 …}
-id: 263712
-bodyTs: "'access':41,50 'client':6 'cloudflar':1,13,22,43 'establish':28 'forward':53 'i.e':51 'inbound':49 'internet':40 'machin':11,32,36 'need':38,47 'outbound':39 'outsid':20 'port':52 'relay':24 'request':18 'run':8 'server':44 'thin':5 'tunnel':2,29 'via':26"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417100"
+editedAt: null
+createdAt: DateTimeImmutable @1703899288 {#4824
date: 2023-12-30 02:21:28.0 +01:00
}
} |
|
Show voter details
|
| 89 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 90 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4958
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4825
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "Cloudflare tunnel is a thin client that runs on your machine to Cloudflare; when there’s a request from outside to Cloudflare, it relays it via the established tunnel to the machine. As such, your machine only need outbound internet access (to Cloudflare servers) and no need for inbound access (I.e. port forwarding)."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703899288 {#4823
date: 2023-12-30 02:21:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4827 …}
+nested: Doctrine\ORM\PersistentCollection {#4829 …}
+votes: Doctrine\ORM\PersistentCollection {#4831 …}
+reports: Doctrine\ORM\PersistentCollection {#4833 …}
+favourites: Doctrine\ORM\PersistentCollection {#4835 …}
+notifications: Doctrine\ORM\PersistentCollection {#4837 …}
-id: 263712
-bodyTs: "'access':41,50 'client':6 'cloudflar':1,13,22,43 'establish':28 'forward':53 'i.e':51 'inbound':49 'internet':40 'machin':11,32,36 'need':38,47 'outbound':39 'outsid':20 'port':52 'relay':24 'request':18 'run':8 'server':44 'thin':5 'tunnel':2,29 'via':26"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417100"
+editedAt: null
+createdAt: DateTimeImmutable @1703899288 {#4824
date: 2023-12-30 02:21:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Thank you for your reply, but i actually was asking about the network stuff 😅\n
\n
I used to use cloudflare tunnels for many years, now i’m a bit too tin foiled to use any cloudflare 😅
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703947831 {#4956
date: 2023-12-30 15:50:31.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
"@chiisana@lemmy.chiisana.net"
]
+children: Doctrine\ORM\PersistentCollection {#4959 …}
+nested: Doctrine\ORM\PersistentCollection {#4961 …}
+votes: Doctrine\ORM\PersistentCollection {#4963 …}
+reports: Doctrine\ORM\PersistentCollection {#4965 …}
+favourites: Doctrine\ORM\PersistentCollection {#4967 …}
+notifications: Doctrine\ORM\PersistentCollection {#4969 …}
-id: 264715
-bodyTs: "'actual':8 'ask':10 'bit':28 'cloudflar':19,35 'foil':31 'm':26 'mani':22 'network':13 'repli':5 'stuff':14 'thank':1 'tin':30 'tunnel':20 'use':16,18,33 'year':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6937359"
+editedAt: null
+createdAt: DateTimeImmutable @1703947831 {#4957
date: 2023-12-30 15:50:31.0 +01:00
}
} |
|
Show voter details
|
| 91 |
DENIED
|
edit
|
App\Entity\EntryComment {#4958
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4825
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "Cloudflare tunnel is a thin client that runs on your machine to Cloudflare; when there’s a request from outside to Cloudflare, it relays it via the established tunnel to the machine. As such, your machine only need outbound internet access (to Cloudflare servers) and no need for inbound access (I.e. port forwarding)."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703899288 {#4823
date: 2023-12-30 02:21:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4827 …}
+nested: Doctrine\ORM\PersistentCollection {#4829 …}
+votes: Doctrine\ORM\PersistentCollection {#4831 …}
+reports: Doctrine\ORM\PersistentCollection {#4833 …}
+favourites: Doctrine\ORM\PersistentCollection {#4835 …}
+notifications: Doctrine\ORM\PersistentCollection {#4837 …}
-id: 263712
-bodyTs: "'access':41,50 'client':6 'cloudflar':1,13,22,43 'establish':28 'forward':53 'i.e':51 'inbound':49 'internet':40 'machin':11,32,36 'need':38,47 'outbound':39 'outsid':20 'port':52 'relay':24 'request':18 'run':8 'server':44 'thin':5 'tunnel':2,29 'via':26"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417100"
+editedAt: null
+createdAt: DateTimeImmutable @1703899288 {#4824
date: 2023-12-30 02:21:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Thank you for your reply, but i actually was asking about the network stuff 😅\n
\n
I used to use cloudflare tunnels for many years, now i’m a bit too tin foiled to use any cloudflare 😅
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703947831 {#4956
date: 2023-12-30 15:50:31.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
"@chiisana@lemmy.chiisana.net"
]
+children: Doctrine\ORM\PersistentCollection {#4959 …}
+nested: Doctrine\ORM\PersistentCollection {#4961 …}
+votes: Doctrine\ORM\PersistentCollection {#4963 …}
+reports: Doctrine\ORM\PersistentCollection {#4965 …}
+favourites: Doctrine\ORM\PersistentCollection {#4967 …}
+notifications: Doctrine\ORM\PersistentCollection {#4969 …}
-id: 264715
-bodyTs: "'actual':8 'ask':10 'bit':28 'cloudflar':19,35 'foil':31 'm':26 'mani':22 'network':13 'repli':5 'stuff':14 'thank':1 'tin':30 'tunnel':20 'use':16,18,33 'year':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6937359"
+editedAt: null
+createdAt: DateTimeImmutable @1703947831 {#4957
date: 2023-12-30 15:50:31.0 +01:00
}
} |
|
Show voter details
|
| 92 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4958
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4825
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "Cloudflare tunnel is a thin client that runs on your machine to Cloudflare; when there’s a request from outside to Cloudflare, it relays it via the established tunnel to the machine. As such, your machine only need outbound internet access (to Cloudflare servers) and no need for inbound access (I.e. port forwarding)."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703899288 {#4823
date: 2023-12-30 02:21:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4827 …}
+nested: Doctrine\ORM\PersistentCollection {#4829 …}
+votes: Doctrine\ORM\PersistentCollection {#4831 …}
+reports: Doctrine\ORM\PersistentCollection {#4833 …}
+favourites: Doctrine\ORM\PersistentCollection {#4835 …}
+notifications: Doctrine\ORM\PersistentCollection {#4837 …}
-id: 263712
-bodyTs: "'access':41,50 'client':6 'cloudflar':1,13,22,43 'establish':28 'forward':53 'i.e':51 'inbound':49 'internet':40 'machin':11,32,36 'need':38,47 'outbound':39 'outsid':20 'port':52 'relay':24 'request':18 'run':8 'server':44 'thin':5 'tunnel':2,29 'via':26"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417100"
+editedAt: null
+createdAt: DateTimeImmutable @1703899288 {#4824
date: 2023-12-30 02:21:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Thank you for your reply, but i actually was asking about the network stuff 😅\n
\n
I used to use cloudflare tunnels for many years, now i’m a bit too tin foiled to use any cloudflare 😅
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703947831 {#4956
date: 2023-12-30 15:50:31.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
"@chiisana@lemmy.chiisana.net"
]
+children: Doctrine\ORM\PersistentCollection {#4959 …}
+nested: Doctrine\ORM\PersistentCollection {#4961 …}
+votes: Doctrine\ORM\PersistentCollection {#4963 …}
+reports: Doctrine\ORM\PersistentCollection {#4965 …}
+favourites: Doctrine\ORM\PersistentCollection {#4967 …}
+notifications: Doctrine\ORM\PersistentCollection {#4969 …}
-id: 264715
-bodyTs: "'actual':8 'ask':10 'bit':28 'cloudflar':19,35 'foil':31 'm':26 'mani':22 'network':13 'repli':5 'stuff':14 'thank':1 'tin':30 'tunnel':20 'use':16,18,33 'year':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6937359"
+editedAt: null
+createdAt: DateTimeImmutable @1703947831 {#4957
date: 2023-12-30 15:50:31.0 +01:00
}
} |
|
Show voter details
|
| 93 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 94 |
DENIED
|
moderate
|
App\Entity\EntryComment {#5021
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4958
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4825
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "Cloudflare tunnel is a thin client that runs on your machine to Cloudflare; when there’s a request from outside to Cloudflare, it relays it via the established tunnel to the machine. As such, your machine only need outbound internet access (to Cloudflare servers) and no need for inbound access (I.e. port forwarding)."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703899288 {#4823
date: 2023-12-30 02:21:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4827 …}
+nested: Doctrine\ORM\PersistentCollection {#4829 …}
+votes: Doctrine\ORM\PersistentCollection {#4831 …}
+reports: Doctrine\ORM\PersistentCollection {#4833 …}
+favourites: Doctrine\ORM\PersistentCollection {#4835 …}
+notifications: Doctrine\ORM\PersistentCollection {#4837 …}
-id: 263712
-bodyTs: "'access':41,50 'client':6 'cloudflar':1,13,22,43 'establish':28 'forward':53 'i.e':51 'inbound':49 'internet':40 'machin':11,32,36 'need':38,47 'outbound':39 'outsid':20 'port':52 'relay':24 'request':18 'run':8 'server':44 'thin':5 'tunnel':2,29 'via':26"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417100"
+editedAt: null
+createdAt: DateTimeImmutable @1703899288 {#4824
date: 2023-12-30 02:21:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Thank you for your reply, but i actually was asking about the network stuff 😅\n
\n
I used to use cloudflare tunnels for many years, now i’m a bit too tin foiled to use any cloudflare 😅
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703947831 {#4956
date: 2023-12-30 15:50:31.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
"@chiisana@lemmy.chiisana.net"
]
+children: Doctrine\ORM\PersistentCollection {#4959 …}
+nested: Doctrine\ORM\PersistentCollection {#4961 …}
+votes: Doctrine\ORM\PersistentCollection {#4963 …}
+reports: Doctrine\ORM\PersistentCollection {#4965 …}
+favourites: Doctrine\ORM\PersistentCollection {#4967 …}
+notifications: Doctrine\ORM\PersistentCollection {#4969 …}
-id: 264715
-bodyTs: "'actual':8 'ask':10 'bit':28 'cloudflar':19,35 'foil':31 'm':26 'mani':22 'network':13 'repli':5 'stuff':14 'thank':1 'tin':30 'tunnel':20 'use':16,18,33 'year':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6937359"
+editedAt: null
+createdAt: DateTimeImmutable @1703947831 {#4957
date: 2023-12-30 15:50:31.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Ah sorry I went down the wrong rabbit hole.\n
\n
I’d imagine an isolated VLAN should be sufficient good starting point to prevent anyone from stumbling on to it locally, as well as any potential external intruder stumbling out of it?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703958226 {#5020
date: 2023-12-30 18:43:46.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
"@chiisana@lemmy.chiisana.net"
]
+children: Doctrine\ORM\PersistentCollection {#5026 …}
+nested: Doctrine\ORM\PersistentCollection {#5027 …}
+votes: Doctrine\ORM\PersistentCollection {#5029 …}
+reports: Doctrine\ORM\PersistentCollection {#5033 …}
+favourites: Doctrine\ORM\PersistentCollection {#5035 …}
+notifications: Doctrine\ORM\PersistentCollection {#5037 …}
-id: 265041
-bodyTs: "'ah':1 'anyon':24 'd':11 'extern':36 'good':19 'hole':9 'imagin':12 'intrud':37 'isol':14 'local':30 'point':21 'potenti':35 'prevent':23 'rabbit':8 'sorri':2 'start':20 'stumbl':26,38 'suffici':18 'vlan':15 'well':32 'went':4 'wrong':7"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417866"
+editedAt: null
+createdAt: DateTimeImmutable @1703958226 {#5023
date: 2023-12-30 18:43:46.0 +01:00
}
} |
|
Show voter details
|
| 95 |
DENIED
|
edit
|
App\Entity\EntryComment {#5021
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4958
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4825
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "Cloudflare tunnel is a thin client that runs on your machine to Cloudflare; when there’s a request from outside to Cloudflare, it relays it via the established tunnel to the machine. As such, your machine only need outbound internet access (to Cloudflare servers) and no need for inbound access (I.e. port forwarding)."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703899288 {#4823
date: 2023-12-30 02:21:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4827 …}
+nested: Doctrine\ORM\PersistentCollection {#4829 …}
+votes: Doctrine\ORM\PersistentCollection {#4831 …}
+reports: Doctrine\ORM\PersistentCollection {#4833 …}
+favourites: Doctrine\ORM\PersistentCollection {#4835 …}
+notifications: Doctrine\ORM\PersistentCollection {#4837 …}
-id: 263712
-bodyTs: "'access':41,50 'client':6 'cloudflar':1,13,22,43 'establish':28 'forward':53 'i.e':51 'inbound':49 'internet':40 'machin':11,32,36 'need':38,47 'outbound':39 'outsid':20 'port':52 'relay':24 'request':18 'run':8 'server':44 'thin':5 'tunnel':2,29 'via':26"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417100"
+editedAt: null
+createdAt: DateTimeImmutable @1703899288 {#4824
date: 2023-12-30 02:21:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Thank you for your reply, but i actually was asking about the network stuff 😅\n
\n
I used to use cloudflare tunnels for many years, now i’m a bit too tin foiled to use any cloudflare 😅
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703947831 {#4956
date: 2023-12-30 15:50:31.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
"@chiisana@lemmy.chiisana.net"
]
+children: Doctrine\ORM\PersistentCollection {#4959 …}
+nested: Doctrine\ORM\PersistentCollection {#4961 …}
+votes: Doctrine\ORM\PersistentCollection {#4963 …}
+reports: Doctrine\ORM\PersistentCollection {#4965 …}
+favourites: Doctrine\ORM\PersistentCollection {#4967 …}
+notifications: Doctrine\ORM\PersistentCollection {#4969 …}
-id: 264715
-bodyTs: "'actual':8 'ask':10 'bit':28 'cloudflar':19,35 'foil':31 'm':26 'mani':22 'network':13 'repli':5 'stuff':14 'thank':1 'tin':30 'tunnel':20 'use':16,18,33 'year':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6937359"
+editedAt: null
+createdAt: DateTimeImmutable @1703947831 {#4957
date: 2023-12-30 15:50:31.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Ah sorry I went down the wrong rabbit hole.\n
\n
I’d imagine an isolated VLAN should be sufficient good starting point to prevent anyone from stumbling on to it locally, as well as any potential external intruder stumbling out of it?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703958226 {#5020
date: 2023-12-30 18:43:46.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
"@chiisana@lemmy.chiisana.net"
]
+children: Doctrine\ORM\PersistentCollection {#5026 …}
+nested: Doctrine\ORM\PersistentCollection {#5027 …}
+votes: Doctrine\ORM\PersistentCollection {#5029 …}
+reports: Doctrine\ORM\PersistentCollection {#5033 …}
+favourites: Doctrine\ORM\PersistentCollection {#5035 …}
+notifications: Doctrine\ORM\PersistentCollection {#5037 …}
-id: 265041
-bodyTs: "'ah':1 'anyon':24 'd':11 'extern':36 'good':19 'hole':9 'imagin':12 'intrud':37 'isol':14 'local':30 'point':21 'potenti':35 'prevent':23 'rabbit':8 'sorri':2 'start':20 'stumbl':26,38 'suffici':18 'vlan':15 'well':32 'went':4 'wrong':7"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417866"
+editedAt: null
+createdAt: DateTimeImmutable @1703958226 {#5023
date: 2023-12-30 18:43:46.0 +01:00
}
} |
|
Show voter details
|
| 96 |
DENIED
|
moderate
|
App\Entity\EntryComment {#5021
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4958
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4825
+user: Proxies\__CG__\App\Entity\User {#4826 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "Cloudflare tunnel is a thin client that runs on your machine to Cloudflare; when there’s a request from outside to Cloudflare, it relays it via the established tunnel to the machine. As such, your machine only need outbound internet access (to Cloudflare servers) and no need for inbound access (I.e. port forwarding)."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703899288 {#4823
date: 2023-12-30 02:21:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4827 …}
+nested: Doctrine\ORM\PersistentCollection {#4829 …}
+votes: Doctrine\ORM\PersistentCollection {#4831 …}
+reports: Doctrine\ORM\PersistentCollection {#4833 …}
+favourites: Doctrine\ORM\PersistentCollection {#4835 …}
+notifications: Doctrine\ORM\PersistentCollection {#4837 …}
-id: 263712
-bodyTs: "'access':41,50 'client':6 'cloudflar':1,13,22,43 'establish':28 'forward':53 'i.e':51 'inbound':49 'internet':40 'machin':11,32,36 'need':38,47 'outbound':39 'outsid':20 'port':52 'relay':24 'request':18 'run':8 'server':44 'thin':5 'tunnel':2,29 'via':26"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417100"
+editedAt: null
+createdAt: DateTimeImmutable @1703899288 {#4824
date: 2023-12-30 02:21:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Thank you for your reply, but i actually was asking about the network stuff 😅\n
\n
I used to use cloudflare tunnels for many years, now i’m a bit too tin foiled to use any cloudflare 😅
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703947831 {#4956
date: 2023-12-30 15:50:31.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
"@chiisana@lemmy.chiisana.net"
]
+children: Doctrine\ORM\PersistentCollection {#4959 …}
+nested: Doctrine\ORM\PersistentCollection {#4961 …}
+votes: Doctrine\ORM\PersistentCollection {#4963 …}
+reports: Doctrine\ORM\PersistentCollection {#4965 …}
+favourites: Doctrine\ORM\PersistentCollection {#4967 …}
+notifications: Doctrine\ORM\PersistentCollection {#4969 …}
-id: 264715
-bodyTs: "'actual':8 'ask':10 'bit':28 'cloudflar':19,35 'foil':31 'm':26 'mani':22 'network':13 'repli':5 'stuff':14 'thank':1 'tin':30 'tunnel':20 'use':16,18,33 'year':23"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6937359"
+editedAt: null
+createdAt: DateTimeImmutable @1703947831 {#4957
date: 2023-12-30 15:50:31.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Ah sorry I went down the wrong rabbit hole.\n
\n
I’d imagine an isolated VLAN should be sufficient good starting point to prevent anyone from stumbling on to it locally, as well as any potential external intruder stumbling out of it?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703958226 {#5020
date: 2023-12-30 18:43:46.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
"@chiisana@lemmy.chiisana.net"
]
+children: Doctrine\ORM\PersistentCollection {#5026 …}
+nested: Doctrine\ORM\PersistentCollection {#5027 …}
+votes: Doctrine\ORM\PersistentCollection {#5029 …}
+reports: Doctrine\ORM\PersistentCollection {#5033 …}
+favourites: Doctrine\ORM\PersistentCollection {#5035 …}
+notifications: Doctrine\ORM\PersistentCollection {#5037 …}
-id: 265041
-bodyTs: "'ah':1 'anyon':24 'd':11 'extern':36 'good':19 'hole':9 'imagin':12 'intrud':37 'isol':14 'local':30 'point':21 'potenti':35 'prevent':23 'rabbit':8 'sorri':2 'start':20 'stumbl':26,38 'suffici':18 'vlan':15 'well':32 'went':4 'wrong':7"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.chiisana.net/comment/417866"
+editedAt: null
+createdAt: DateTimeImmutable @1703958226 {#5023
date: 2023-12-30 18:43:46.0 +01:00
}
} |
|
Show voter details
|
| 97 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 98 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4841
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
You need to have a rather capable router / firewall combo.\n
\n
You could pick up a ubiquity USG. Or set up something with an isp router and a PF sense firewall.\n
\n
You need to have separate networks in your house. And the ability to set firewall rules between the networks.\n
\n
The network that contains the hosting box needs to have absolutely no access to anything else in your house except it’s route out to the internet. Don’t have it go to your router for DHCP set it up statically. Don’t have it go to your router for DNS, choose an external source.\n
\n
The firewall rules for that network are allow outbound internet with return traffic, allow SSH and maybe VNC from your home network, then deny all.\n
\n
The idea is that you assume the box is capable of getting infected. So you just make sure that the box can live safely in your network even if it is compromised.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703946038 {#4839
date: 2023-12-30 15:20:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4842 …}
+nested: Doctrine\ORM\PersistentCollection {#4844 …}
+votes: Doctrine\ORM\PersistentCollection {#4846 …}
+reports: Doctrine\ORM\PersistentCollection {#4848 …}
+favourites: Doctrine\ORM\PersistentCollection {#4850 …}
+notifications: Doctrine\ORM\PersistentCollection {#4852 …}
-id: 264680
-bodyTs: "'abil':42 'absolut':60 'access':62 'allow':112,118 'anyth':64 'assum':135 'box':56,137,150 'capabl':7,139 'choos':101 'combo':10 'compromis':161 'contain':53 'could':12 'deni':128 'dhcp':86 'dns':100 'els':65 'even':157 'except':69 'extern':103 'firewal':9,30,45,106 'get':141 'go':81,95 'home':125 'host':55 'hous':39,68 'idea':131 'infect':142 'internet':76,114 'isp':24 'live':152 'make':146 'mayb':121 'need':2,32,57 'network':36,49,51,110,126,156 'outbound':113 'pf':28 'pick':13 'rather':6 'return':116 'rout':72 'router':8,25,84,98 'rule':46,107 'safe':153 'sens':29 'separ':35 'set':19,44,87 'someth':21 'sourc':104 'ssh':119 'static':90 'sure':147 'traffic':117 'ubiqu':16 'usg':17 'vnc':122"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6304895"
+editedAt: null
+createdAt: DateTimeImmutable @1703946038 {#4840
date: 2023-12-30 15:20:38.0 +01:00
}
} |
|
Show voter details
|
| 99 |
DENIED
|
edit
|
App\Entity\EntryComment {#4841
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
You need to have a rather capable router / firewall combo.\n
\n
You could pick up a ubiquity USG. Or set up something with an isp router and a PF sense firewall.\n
\n
You need to have separate networks in your house. And the ability to set firewall rules between the networks.\n
\n
The network that contains the hosting box needs to have absolutely no access to anything else in your house except it’s route out to the internet. Don’t have it go to your router for DHCP set it up statically. Don’t have it go to your router for DNS, choose an external source.\n
\n
The firewall rules for that network are allow outbound internet with return traffic, allow SSH and maybe VNC from your home network, then deny all.\n
\n
The idea is that you assume the box is capable of getting infected. So you just make sure that the box can live safely in your network even if it is compromised.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703946038 {#4839
date: 2023-12-30 15:20:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4842 …}
+nested: Doctrine\ORM\PersistentCollection {#4844 …}
+votes: Doctrine\ORM\PersistentCollection {#4846 …}
+reports: Doctrine\ORM\PersistentCollection {#4848 …}
+favourites: Doctrine\ORM\PersistentCollection {#4850 …}
+notifications: Doctrine\ORM\PersistentCollection {#4852 …}
-id: 264680
-bodyTs: "'abil':42 'absolut':60 'access':62 'allow':112,118 'anyth':64 'assum':135 'box':56,137,150 'capabl':7,139 'choos':101 'combo':10 'compromis':161 'contain':53 'could':12 'deni':128 'dhcp':86 'dns':100 'els':65 'even':157 'except':69 'extern':103 'firewal':9,30,45,106 'get':141 'go':81,95 'home':125 'host':55 'hous':39,68 'idea':131 'infect':142 'internet':76,114 'isp':24 'live':152 'make':146 'mayb':121 'need':2,32,57 'network':36,49,51,110,126,156 'outbound':113 'pf':28 'pick':13 'rather':6 'return':116 'rout':72 'router':8,25,84,98 'rule':46,107 'safe':153 'sens':29 'separ':35 'set':19,44,87 'someth':21 'sourc':104 'ssh':119 'static':90 'sure':147 'traffic':117 'ubiqu':16 'usg':17 'vnc':122"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6304895"
+editedAt: null
+createdAt: DateTimeImmutable @1703946038 {#4840
date: 2023-12-30 15:20:38.0 +01:00
}
} |
|
Show voter details
|
| 100 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4841
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
You need to have a rather capable router / firewall combo.\n
\n
You could pick up a ubiquity USG. Or set up something with an isp router and a PF sense firewall.\n
\n
You need to have separate networks in your house. And the ability to set firewall rules between the networks.\n
\n
The network that contains the hosting box needs to have absolutely no access to anything else in your house except it’s route out to the internet. Don’t have it go to your router for DHCP set it up statically. Don’t have it go to your router for DNS, choose an external source.\n
\n
The firewall rules for that network are allow outbound internet with return traffic, allow SSH and maybe VNC from your home network, then deny all.\n
\n
The idea is that you assume the box is capable of getting infected. So you just make sure that the box can live safely in your network even if it is compromised.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703946038 {#4839
date: 2023-12-30 15:20:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4842 …}
+nested: Doctrine\ORM\PersistentCollection {#4844 …}
+votes: Doctrine\ORM\PersistentCollection {#4846 …}
+reports: Doctrine\ORM\PersistentCollection {#4848 …}
+favourites: Doctrine\ORM\PersistentCollection {#4850 …}
+notifications: Doctrine\ORM\PersistentCollection {#4852 …}
-id: 264680
-bodyTs: "'abil':42 'absolut':60 'access':62 'allow':112,118 'anyth':64 'assum':135 'box':56,137,150 'capabl':7,139 'choos':101 'combo':10 'compromis':161 'contain':53 'could':12 'deni':128 'dhcp':86 'dns':100 'els':65 'even':157 'except':69 'extern':103 'firewal':9,30,45,106 'get':141 'go':81,95 'home':125 'host':55 'hous':39,68 'idea':131 'infect':142 'internet':76,114 'isp':24 'live':152 'make':146 'mayb':121 'need':2,32,57 'network':36,49,51,110,126,156 'outbound':113 'pf':28 'pick':13 'rather':6 'return':116 'rout':72 'router':8,25,84,98 'rule':46,107 'safe':153 'sens':29 'separ':35 'set':19,44,87 'someth':21 'sourc':104 'ssh':119 'static':90 'sure':147 'traffic':117 'ubiqu':16 'usg':17 'vnc':122"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6304895"
+editedAt: null
+createdAt: DateTimeImmutable @1703946038 {#4840
date: 2023-12-30 15:20:38.0 +01:00
}
} |
|
Show voter details
|
| 101 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 102 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4973
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4841
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
You need to have a rather capable router / firewall combo.\n
\n
You could pick up a ubiquity USG. Or set up something with an isp router and a PF sense firewall.\n
\n
You need to have separate networks in your house. And the ability to set firewall rules between the networks.\n
\n
The network that contains the hosting box needs to have absolutely no access to anything else in your house except it’s route out to the internet. Don’t have it go to your router for DHCP set it up statically. Don’t have it go to your router for DNS, choose an external source.\n
\n
The firewall rules for that network are allow outbound internet with return traffic, allow SSH and maybe VNC from your home network, then deny all.\n
\n
The idea is that you assume the box is capable of getting infected. So you just make sure that the box can live safely in your network even if it is compromised.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703946038 {#4839
date: 2023-12-30 15:20:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4842 …}
+nested: Doctrine\ORM\PersistentCollection {#4844 …}
+votes: Doctrine\ORM\PersistentCollection {#4846 …}
+reports: Doctrine\ORM\PersistentCollection {#4848 …}
+favourites: Doctrine\ORM\PersistentCollection {#4850 …}
+notifications: Doctrine\ORM\PersistentCollection {#4852 …}
-id: 264680
-bodyTs: "'abil':42 'absolut':60 'access':62 'allow':112,118 'anyth':64 'assum':135 'box':56,137,150 'capabl':7,139 'choos':101 'combo':10 'compromis':161 'contain':53 'could':12 'deni':128 'dhcp':86 'dns':100 'els':65 'even':157 'except':69 'extern':103 'firewal':9,30,45,106 'get':141 'go':81,95 'home':125 'host':55 'hous':39,68 'idea':131 'infect':142 'internet':76,114 'isp':24 'live':152 'make':146 'mayb':121 'need':2,32,57 'network':36,49,51,110,126,156 'outbound':113 'pf':28 'pick':13 'rather':6 'return':116 'rout':72 'router':8,25,84,98 'rule':46,107 'safe':153 'sens':29 'separ':35 'set':19,44,87 'someth':21 'sourc':104 'ssh':119 'static':90 'sure':147 'traffic':117 'ubiqu':16 'usg':17 'vnc':122"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6304895"
+editedAt: null
+createdAt: DateTimeImmutable @1703946038 {#4840
date: 2023-12-30 15:20:38.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
(I just noticed i replied to your another comment, but still to you 😬)\n
\n
Now i’m a little bit confused, what does it do then?\n
\n
If the box doesn’t have access to anything on the network, how would it do anything?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703951398 {#4971
date: 2023-12-30 16:49:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4974 …}
+nested: Doctrine\ORM\PersistentCollection {#4976 …}
+votes: Doctrine\ORM\PersistentCollection {#4978 …}
+reports: Doctrine\ORM\PersistentCollection {#4980 …}
+favourites: Doctrine\ORM\PersistentCollection {#4982 …}
+notifications: Doctrine\ORM\PersistentCollection {#4984 …}
-id: 264832
-bodyTs: "'access':32 'anoth':8 'anyth':34,42 'bit':19 'box':28 'comment':9 'confus':20 'doesn':29 'littl':18 'm':16 'network':37 'notic':3 'repli':5 'still':11 'would':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6938748"
+editedAt: null
+createdAt: DateTimeImmutable @1703951398 {#4972
date: 2023-12-30 16:49:58.0 +01:00
}
} |
|
Show voter details
|
| 103 |
DENIED
|
edit
|
App\Entity\EntryComment {#4973
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4841
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
You need to have a rather capable router / firewall combo.\n
\n
You could pick up a ubiquity USG. Or set up something with an isp router and a PF sense firewall.\n
\n
You need to have separate networks in your house. And the ability to set firewall rules between the networks.\n
\n
The network that contains the hosting box needs to have absolutely no access to anything else in your house except it’s route out to the internet. Don’t have it go to your router for DHCP set it up statically. Don’t have it go to your router for DNS, choose an external source.\n
\n
The firewall rules for that network are allow outbound internet with return traffic, allow SSH and maybe VNC from your home network, then deny all.\n
\n
The idea is that you assume the box is capable of getting infected. So you just make sure that the box can live safely in your network even if it is compromised.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703946038 {#4839
date: 2023-12-30 15:20:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4842 …}
+nested: Doctrine\ORM\PersistentCollection {#4844 …}
+votes: Doctrine\ORM\PersistentCollection {#4846 …}
+reports: Doctrine\ORM\PersistentCollection {#4848 …}
+favourites: Doctrine\ORM\PersistentCollection {#4850 …}
+notifications: Doctrine\ORM\PersistentCollection {#4852 …}
-id: 264680
-bodyTs: "'abil':42 'absolut':60 'access':62 'allow':112,118 'anyth':64 'assum':135 'box':56,137,150 'capabl':7,139 'choos':101 'combo':10 'compromis':161 'contain':53 'could':12 'deni':128 'dhcp':86 'dns':100 'els':65 'even':157 'except':69 'extern':103 'firewal':9,30,45,106 'get':141 'go':81,95 'home':125 'host':55 'hous':39,68 'idea':131 'infect':142 'internet':76,114 'isp':24 'live':152 'make':146 'mayb':121 'need':2,32,57 'network':36,49,51,110,126,156 'outbound':113 'pf':28 'pick':13 'rather':6 'return':116 'rout':72 'router':8,25,84,98 'rule':46,107 'safe':153 'sens':29 'separ':35 'set':19,44,87 'someth':21 'sourc':104 'ssh':119 'static':90 'sure':147 'traffic':117 'ubiqu':16 'usg':17 'vnc':122"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6304895"
+editedAt: null
+createdAt: DateTimeImmutable @1703946038 {#4840
date: 2023-12-30 15:20:38.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
(I just noticed i replied to your another comment, but still to you 😬)\n
\n
Now i’m a little bit confused, what does it do then?\n
\n
If the box doesn’t have access to anything on the network, how would it do anything?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703951398 {#4971
date: 2023-12-30 16:49:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4974 …}
+nested: Doctrine\ORM\PersistentCollection {#4976 …}
+votes: Doctrine\ORM\PersistentCollection {#4978 …}
+reports: Doctrine\ORM\PersistentCollection {#4980 …}
+favourites: Doctrine\ORM\PersistentCollection {#4982 …}
+notifications: Doctrine\ORM\PersistentCollection {#4984 …}
-id: 264832
-bodyTs: "'access':32 'anoth':8 'anyth':34,42 'bit':19 'box':28 'comment':9 'confus':20 'doesn':29 'littl':18 'm':16 'network':37 'notic':3 'repli':5 'still':11 'would':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6938748"
+editedAt: null
+createdAt: DateTimeImmutable @1703951398 {#4972
date: 2023-12-30 16:49:58.0 +01:00
}
} |
|
Show voter details
|
| 104 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4973
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4841
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
You need to have a rather capable router / firewall combo.\n
\n
You could pick up a ubiquity USG. Or set up something with an isp router and a PF sense firewall.\n
\n
You need to have separate networks in your house. And the ability to set firewall rules between the networks.\n
\n
The network that contains the hosting box needs to have absolutely no access to anything else in your house except it’s route out to the internet. Don’t have it go to your router for DHCP set it up statically. Don’t have it go to your router for DNS, choose an external source.\n
\n
The firewall rules for that network are allow outbound internet with return traffic, allow SSH and maybe VNC from your home network, then deny all.\n
\n
The idea is that you assume the box is capable of getting infected. So you just make sure that the box can live safely in your network even if it is compromised.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703946038 {#4839
date: 2023-12-30 15:20:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4842 …}
+nested: Doctrine\ORM\PersistentCollection {#4844 …}
+votes: Doctrine\ORM\PersistentCollection {#4846 …}
+reports: Doctrine\ORM\PersistentCollection {#4848 …}
+favourites: Doctrine\ORM\PersistentCollection {#4850 …}
+notifications: Doctrine\ORM\PersistentCollection {#4852 …}
-id: 264680
-bodyTs: "'abil':42 'absolut':60 'access':62 'allow':112,118 'anyth':64 'assum':135 'box':56,137,150 'capabl':7,139 'choos':101 'combo':10 'compromis':161 'contain':53 'could':12 'deni':128 'dhcp':86 'dns':100 'els':65 'even':157 'except':69 'extern':103 'firewal':9,30,45,106 'get':141 'go':81,95 'home':125 'host':55 'hous':39,68 'idea':131 'infect':142 'internet':76,114 'isp':24 'live':152 'make':146 'mayb':121 'need':2,32,57 'network':36,49,51,110,126,156 'outbound':113 'pf':28 'pick':13 'rather':6 'return':116 'rout':72 'router':8,25,84,98 'rule':46,107 'safe':153 'sens':29 'separ':35 'set':19,44,87 'someth':21 'sourc':104 'ssh':119 'static':90 'sure':147 'traffic':117 'ubiqu':16 'usg':17 'vnc':122"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6304895"
+editedAt: null
+createdAt: DateTimeImmutable @1703946038 {#4840
date: 2023-12-30 15:20:38.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
(I just noticed i replied to your another comment, but still to you 😬)\n
\n
Now i’m a little bit confused, what does it do then?\n
\n
If the box doesn’t have access to anything on the network, how would it do anything?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703951398 {#4971
date: 2023-12-30 16:49:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4974 …}
+nested: Doctrine\ORM\PersistentCollection {#4976 …}
+votes: Doctrine\ORM\PersistentCollection {#4978 …}
+reports: Doctrine\ORM\PersistentCollection {#4980 …}
+favourites: Doctrine\ORM\PersistentCollection {#4982 …}
+notifications: Doctrine\ORM\PersistentCollection {#4984 …}
-id: 264832
-bodyTs: "'access':32 'anoth':8 'anyth':34,42 'bit':19 'box':28 'comment':9 'confus':20 'doesn':29 'littl':18 'm':16 'network':37 'notic':3 'repli':5 'still':11 'would':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6938748"
+editedAt: null
+createdAt: DateTimeImmutable @1703951398 {#4972
date: 2023-12-30 16:49:58.0 +01:00
}
} |
|
Show voter details
|
| 105 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 106 |
DENIED
|
moderate
|
App\Entity\EntryComment {#5041
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4973
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4841
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
You need to have a rather capable router / firewall combo.\n
\n
You could pick up a ubiquity USG. Or set up something with an isp router and a PF sense firewall.\n
\n
You need to have separate networks in your house. And the ability to set firewall rules between the networks.\n
\n
The network that contains the hosting box needs to have absolutely no access to anything else in your house except it’s route out to the internet. Don’t have it go to your router for DHCP set it up statically. Don’t have it go to your router for DNS, choose an external source.\n
\n
The firewall rules for that network are allow outbound internet with return traffic, allow SSH and maybe VNC from your home network, then deny all.\n
\n
The idea is that you assume the box is capable of getting infected. So you just make sure that the box can live safely in your network even if it is compromised.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703946038 {#4839
date: 2023-12-30 15:20:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4842 …}
+nested: Doctrine\ORM\PersistentCollection {#4844 …}
+votes: Doctrine\ORM\PersistentCollection {#4846 …}
+reports: Doctrine\ORM\PersistentCollection {#4848 …}
+favourites: Doctrine\ORM\PersistentCollection {#4850 …}
+notifications: Doctrine\ORM\PersistentCollection {#4852 …}
-id: 264680
-bodyTs: "'abil':42 'absolut':60 'access':62 'allow':112,118 'anyth':64 'assum':135 'box':56,137,150 'capabl':7,139 'choos':101 'combo':10 'compromis':161 'contain':53 'could':12 'deni':128 'dhcp':86 'dns':100 'els':65 'even':157 'except':69 'extern':103 'firewal':9,30,45,106 'get':141 'go':81,95 'home':125 'host':55 'hous':39,68 'idea':131 'infect':142 'internet':76,114 'isp':24 'live':152 'make':146 'mayb':121 'need':2,32,57 'network':36,49,51,110,126,156 'outbound':113 'pf':28 'pick':13 'rather':6 'return':116 'rout':72 'router':8,25,84,98 'rule':46,107 'safe':153 'sens':29 'separ':35 'set':19,44,87 'someth':21 'sourc':104 'ssh':119 'static':90 'sure':147 'traffic':117 'ubiqu':16 'usg':17 'vnc':122"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6304895"
+editedAt: null
+createdAt: DateTimeImmutable @1703946038 {#4840
date: 2023-12-30 15:20:38.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
(I just noticed i replied to your another comment, but still to you 😬)\n
\n
Now i’m a little bit confused, what does it do then?\n
\n
If the box doesn’t have access to anything on the network, how would it do anything?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703951398 {#4971
date: 2023-12-30 16:49:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4974 …}
+nested: Doctrine\ORM\PersistentCollection {#4976 …}
+votes: Doctrine\ORM\PersistentCollection {#4978 …}
+reports: Doctrine\ORM\PersistentCollection {#4980 …}
+favourites: Doctrine\ORM\PersistentCollection {#4982 …}
+notifications: Doctrine\ORM\PersistentCollection {#4984 …}
-id: 264832
-bodyTs: "'access':32 'anoth':8 'anyth':34,42 'bit':19 'box':28 'comment':9 'confus':20 'doesn':29 'littl':18 'm':16 'network':37 'notic':3 'repli':5 'still':11 'would':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6938748"
+editedAt: null
+createdAt: DateTimeImmutable @1703951398 {#4972
date: 2023-12-30 16:49:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "The box you’re hosting on only needs internet access to connect the tunnel. Cloudflare terminates that SSL connection right in a piece of software on your web server."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703978796 {#5039
date: 2023-12-31 00:26:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#5042 …}
+nested: Doctrine\ORM\PersistentCollection {#5044 …}
+votes: Doctrine\ORM\PersistentCollection {#5046 …}
+reports: Doctrine\ORM\PersistentCollection {#5048 …}
+favourites: Doctrine\ORM\PersistentCollection {#5050 …}
+notifications: Doctrine\ORM\PersistentCollection {#5052 …}
-id: 265945
-bodyTs: "'access':10 'box':2 'cloudflar':15 'connect':12,19 'host':5 'internet':9 'need':8 'piec':23 're':4 'right':20 'server':29 'softwar':25 'ssl':18 'termin':16 'tunnel':14 'web':28"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6311438"
+editedAt: null
+createdAt: DateTimeImmutable @1703978796 {#5040
date: 2023-12-31 00:26:36.0 +01:00
}
} |
|
Show voter details
|
| 107 |
DENIED
|
edit
|
App\Entity\EntryComment {#5041
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4973
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4841
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
You need to have a rather capable router / firewall combo.\n
\n
You could pick up a ubiquity USG. Or set up something with an isp router and a PF sense firewall.\n
\n
You need to have separate networks in your house. And the ability to set firewall rules between the networks.\n
\n
The network that contains the hosting box needs to have absolutely no access to anything else in your house except it’s route out to the internet. Don’t have it go to your router for DHCP set it up statically. Don’t have it go to your router for DNS, choose an external source.\n
\n
The firewall rules for that network are allow outbound internet with return traffic, allow SSH and maybe VNC from your home network, then deny all.\n
\n
The idea is that you assume the box is capable of getting infected. So you just make sure that the box can live safely in your network even if it is compromised.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703946038 {#4839
date: 2023-12-30 15:20:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4842 …}
+nested: Doctrine\ORM\PersistentCollection {#4844 …}
+votes: Doctrine\ORM\PersistentCollection {#4846 …}
+reports: Doctrine\ORM\PersistentCollection {#4848 …}
+favourites: Doctrine\ORM\PersistentCollection {#4850 …}
+notifications: Doctrine\ORM\PersistentCollection {#4852 …}
-id: 264680
-bodyTs: "'abil':42 'absolut':60 'access':62 'allow':112,118 'anyth':64 'assum':135 'box':56,137,150 'capabl':7,139 'choos':101 'combo':10 'compromis':161 'contain':53 'could':12 'deni':128 'dhcp':86 'dns':100 'els':65 'even':157 'except':69 'extern':103 'firewal':9,30,45,106 'get':141 'go':81,95 'home':125 'host':55 'hous':39,68 'idea':131 'infect':142 'internet':76,114 'isp':24 'live':152 'make':146 'mayb':121 'need':2,32,57 'network':36,49,51,110,126,156 'outbound':113 'pf':28 'pick':13 'rather':6 'return':116 'rout':72 'router':8,25,84,98 'rule':46,107 'safe':153 'sens':29 'separ':35 'set':19,44,87 'someth':21 'sourc':104 'ssh':119 'static':90 'sure':147 'traffic':117 'ubiqu':16 'usg':17 'vnc':122"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6304895"
+editedAt: null
+createdAt: DateTimeImmutable @1703946038 {#4840
date: 2023-12-30 15:20:38.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
(I just noticed i replied to your another comment, but still to you 😬)\n
\n
Now i’m a little bit confused, what does it do then?\n
\n
If the box doesn’t have access to anything on the network, how would it do anything?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703951398 {#4971
date: 2023-12-30 16:49:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4974 …}
+nested: Doctrine\ORM\PersistentCollection {#4976 …}
+votes: Doctrine\ORM\PersistentCollection {#4978 …}
+reports: Doctrine\ORM\PersistentCollection {#4980 …}
+favourites: Doctrine\ORM\PersistentCollection {#4982 …}
+notifications: Doctrine\ORM\PersistentCollection {#4984 …}
-id: 264832
-bodyTs: "'access':32 'anoth':8 'anyth':34,42 'bit':19 'box':28 'comment':9 'confus':20 'doesn':29 'littl':18 'm':16 'network':37 'notic':3 'repli':5 'still':11 'would':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6938748"
+editedAt: null
+createdAt: DateTimeImmutable @1703951398 {#4972
date: 2023-12-30 16:49:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "The box you’re hosting on only needs internet access to connect the tunnel. Cloudflare terminates that SSL connection right in a piece of software on your web server."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703978796 {#5039
date: 2023-12-31 00:26:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#5042 …}
+nested: Doctrine\ORM\PersistentCollection {#5044 …}
+votes: Doctrine\ORM\PersistentCollection {#5046 …}
+reports: Doctrine\ORM\PersistentCollection {#5048 …}
+favourites: Doctrine\ORM\PersistentCollection {#5050 …}
+notifications: Doctrine\ORM\PersistentCollection {#5052 …}
-id: 265945
-bodyTs: "'access':10 'box':2 'cloudflar':15 'connect':12,19 'host':5 'internet':9 'need':8 'piec':23 're':4 'right':20 'server':29 'softwar':25 'ssl':18 'termin':16 'tunnel':14 'web':28"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6311438"
+editedAt: null
+createdAt: DateTimeImmutable @1703978796 {#5040
date: 2023-12-31 00:26:36.0 +01:00
}
} |
|
Show voter details
|
| 108 |
DENIED
|
moderate
|
App\Entity\EntryComment {#5041
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4973
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4841
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
You need to have a rather capable router / firewall combo.\n
\n
You could pick up a ubiquity USG. Or set up something with an isp router and a PF sense firewall.\n
\n
You need to have separate networks in your house. And the ability to set firewall rules between the networks.\n
\n
The network that contains the hosting box needs to have absolutely no access to anything else in your house except it’s route out to the internet. Don’t have it go to your router for DHCP set it up statically. Don’t have it go to your router for DNS, choose an external source.\n
\n
The firewall rules for that network are allow outbound internet with return traffic, allow SSH and maybe VNC from your home network, then deny all.\n
\n
The idea is that you assume the box is capable of getting infected. So you just make sure that the box can live safely in your network even if it is compromised.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703946038 {#4839
date: 2023-12-30 15:20:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4842 …}
+nested: Doctrine\ORM\PersistentCollection {#4844 …}
+votes: Doctrine\ORM\PersistentCollection {#4846 …}
+reports: Doctrine\ORM\PersistentCollection {#4848 …}
+favourites: Doctrine\ORM\PersistentCollection {#4850 …}
+notifications: Doctrine\ORM\PersistentCollection {#4852 …}
-id: 264680
-bodyTs: "'abil':42 'absolut':60 'access':62 'allow':112,118 'anyth':64 'assum':135 'box':56,137,150 'capabl':7,139 'choos':101 'combo':10 'compromis':161 'contain':53 'could':12 'deni':128 'dhcp':86 'dns':100 'els':65 'even':157 'except':69 'extern':103 'firewal':9,30,45,106 'get':141 'go':81,95 'home':125 'host':55 'hous':39,68 'idea':131 'infect':142 'internet':76,114 'isp':24 'live':152 'make':146 'mayb':121 'need':2,32,57 'network':36,49,51,110,126,156 'outbound':113 'pf':28 'pick':13 'rather':6 'return':116 'rout':72 'router':8,25,84,98 'rule':46,107 'safe':153 'sens':29 'separ':35 'set':19,44,87 'someth':21 'sourc':104 'ssh':119 'static':90 'sure':147 'traffic':117 'ubiqu':16 'usg':17 'vnc':122"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6304895"
+editedAt: null
+createdAt: DateTimeImmutable @1703946038 {#4840
date: 2023-12-30 15:20:38.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
(I just noticed i replied to your another comment, but still to you 😬)\n
\n
Now i’m a little bit confused, what does it do then?\n
\n
If the box doesn’t have access to anything on the network, how would it do anything?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703951398 {#4971
date: 2023-12-30 16:49:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4974 …}
+nested: Doctrine\ORM\PersistentCollection {#4976 …}
+votes: Doctrine\ORM\PersistentCollection {#4978 …}
+reports: Doctrine\ORM\PersistentCollection {#4980 …}
+favourites: Doctrine\ORM\PersistentCollection {#4982 …}
+notifications: Doctrine\ORM\PersistentCollection {#4984 …}
-id: 264832
-bodyTs: "'access':32 'anoth':8 'anyth':34,42 'bit':19 'box':28 'comment':9 'confus':20 'doesn':29 'littl':18 'm':16 'network':37 'notic':3 'repli':5 'still':11 'would':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6938748"
+editedAt: null
+createdAt: DateTimeImmutable @1703951398 {#4972
date: 2023-12-30 16:49:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "The box you’re hosting on only needs internet access to connect the tunnel. Cloudflare terminates that SSL connection right in a piece of software on your web server."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703978796 {#5039
date: 2023-12-31 00:26:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#5042 …}
+nested: Doctrine\ORM\PersistentCollection {#5044 …}
+votes: Doctrine\ORM\PersistentCollection {#5046 …}
+reports: Doctrine\ORM\PersistentCollection {#5048 …}
+favourites: Doctrine\ORM\PersistentCollection {#5050 …}
+notifications: Doctrine\ORM\PersistentCollection {#5052 …}
-id: 265945
-bodyTs: "'access':10 'box':2 'cloudflar':15 'connect':12,19 'host':5 'internet':9 'need':8 'piec':23 're':4 'right':20 'server':29 'softwar':25 'ssl':18 'termin':16 'tunnel':14 'web':28"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6311438"
+editedAt: null
+createdAt: DateTimeImmutable @1703978796 {#5040
date: 2023-12-31 00:26:36.0 +01:00
}
} |
|
Show voter details
|
| 109 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 110 |
DENIED
|
moderate
|
App\Entity\EntryComment {#5055
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#5041
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4973
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4841
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
You need to have a rather capable router / firewall combo.\n
\n
You could pick up a ubiquity USG. Or set up something with an isp router and a PF sense firewall.\n
\n
You need to have separate networks in your house. And the ability to set firewall rules between the networks.\n
\n
The network that contains the hosting box needs to have absolutely no access to anything else in your house except it’s route out to the internet. Don’t have it go to your router for DHCP set it up statically. Don’t have it go to your router for DNS, choose an external source.\n
\n
The firewall rules for that network are allow outbound internet with return traffic, allow SSH and maybe VNC from your home network, then deny all.\n
\n
The idea is that you assume the box is capable of getting infected. So you just make sure that the box can live safely in your network even if it is compromised.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703946038 {#4839
date: 2023-12-30 15:20:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4842 …}
+nested: Doctrine\ORM\PersistentCollection {#4844 …}
+votes: Doctrine\ORM\PersistentCollection {#4846 …}
+reports: Doctrine\ORM\PersistentCollection {#4848 …}
+favourites: Doctrine\ORM\PersistentCollection {#4850 …}
+notifications: Doctrine\ORM\PersistentCollection {#4852 …}
-id: 264680
-bodyTs: "'abil':42 'absolut':60 'access':62 'allow':112,118 'anyth':64 'assum':135 'box':56,137,150 'capabl':7,139 'choos':101 'combo':10 'compromis':161 'contain':53 'could':12 'deni':128 'dhcp':86 'dns':100 'els':65 'even':157 'except':69 'extern':103 'firewal':9,30,45,106 'get':141 'go':81,95 'home':125 'host':55 'hous':39,68 'idea':131 'infect':142 'internet':76,114 'isp':24 'live':152 'make':146 'mayb':121 'need':2,32,57 'network':36,49,51,110,126,156 'outbound':113 'pf':28 'pick':13 'rather':6 'return':116 'rout':72 'router':8,25,84,98 'rule':46,107 'safe':153 'sens':29 'separ':35 'set':19,44,87 'someth':21 'sourc':104 'ssh':119 'static':90 'sure':147 'traffic':117 'ubiqu':16 'usg':17 'vnc':122"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6304895"
+editedAt: null
+createdAt: DateTimeImmutable @1703946038 {#4840
date: 2023-12-30 15:20:38.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
(I just noticed i replied to your another comment, but still to you 😬)\n
\n
Now i’m a little bit confused, what does it do then?\n
\n
If the box doesn’t have access to anything on the network, how would it do anything?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703951398 {#4971
date: 2023-12-30 16:49:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4974 …}
+nested: Doctrine\ORM\PersistentCollection {#4976 …}
+votes: Doctrine\ORM\PersistentCollection {#4978 …}
+reports: Doctrine\ORM\PersistentCollection {#4980 …}
+favourites: Doctrine\ORM\PersistentCollection {#4982 …}
+notifications: Doctrine\ORM\PersistentCollection {#4984 …}
-id: 264832
-bodyTs: "'access':32 'anoth':8 'anyth':34,42 'bit':19 'box':28 'comment':9 'confus':20 'doesn':29 'littl':18 'm':16 'network':37 'notic':3 'repli':5 'still':11 'would':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6938748"
+editedAt: null
+createdAt: DateTimeImmutable @1703951398 {#4972
date: 2023-12-30 16:49:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "The box you’re hosting on only needs internet access to connect the tunnel. Cloudflare terminates that SSL connection right in a piece of software on your web server."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703978796 {#5039
date: 2023-12-31 00:26:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#5042 …}
+nested: Doctrine\ORM\PersistentCollection {#5044 …}
+votes: Doctrine\ORM\PersistentCollection {#5046 …}
+reports: Doctrine\ORM\PersistentCollection {#5048 …}
+favourites: Doctrine\ORM\PersistentCollection {#5050 …}
+notifications: Doctrine\ORM\PersistentCollection {#5052 …}
-id: 265945
-bodyTs: "'access':10 'box':2 'cloudflar':15 'connect':12,19 'host':5 'internet':9 'need':8 'piec':23 're':4 'right':20 'server':29 'softwar':25 'ssl':18 'termin':16 'tunnel':14 'web':28"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6311438"
+editedAt: null
+createdAt: DateTimeImmutable @1703978796 {#5040
date: 2023-12-31 00:26:36.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "I mean, what does it host if the only thing it has access to is the internet?"
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703992779 {#5060
date: 2023-12-31 04:19:39.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#5063 …}
+nested: Doctrine\ORM\PersistentCollection {#5067 …}
+votes: Doctrine\ORM\PersistentCollection {#5069 …}
+reports: Doctrine\ORM\PersistentCollection {#5070 …}
+favourites: Doctrine\ORM\PersistentCollection {#5072 …}
+notifications: Doctrine\ORM\PersistentCollection {#5074 …}
-id: 266531
-bodyTs: "'access':13 'host':6 'internet':17 'mean':2 'thing':10"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6951406"
+editedAt: null
+createdAt: DateTimeImmutable @1703992779 {#5057
date: 2023-12-31 04:19:39.0 +01:00
}
} |
|
Show voter details
|
| 111 |
DENIED
|
edit
|
App\Entity\EntryComment {#5055
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#5041
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4973
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4841
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
You need to have a rather capable router / firewall combo.\n
\n
You could pick up a ubiquity USG. Or set up something with an isp router and a PF sense firewall.\n
\n
You need to have separate networks in your house. And the ability to set firewall rules between the networks.\n
\n
The network that contains the hosting box needs to have absolutely no access to anything else in your house except it’s route out to the internet. Don’t have it go to your router for DHCP set it up statically. Don’t have it go to your router for DNS, choose an external source.\n
\n
The firewall rules for that network are allow outbound internet with return traffic, allow SSH and maybe VNC from your home network, then deny all.\n
\n
The idea is that you assume the box is capable of getting infected. So you just make sure that the box can live safely in your network even if it is compromised.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703946038 {#4839
date: 2023-12-30 15:20:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4842 …}
+nested: Doctrine\ORM\PersistentCollection {#4844 …}
+votes: Doctrine\ORM\PersistentCollection {#4846 …}
+reports: Doctrine\ORM\PersistentCollection {#4848 …}
+favourites: Doctrine\ORM\PersistentCollection {#4850 …}
+notifications: Doctrine\ORM\PersistentCollection {#4852 …}
-id: 264680
-bodyTs: "'abil':42 'absolut':60 'access':62 'allow':112,118 'anyth':64 'assum':135 'box':56,137,150 'capabl':7,139 'choos':101 'combo':10 'compromis':161 'contain':53 'could':12 'deni':128 'dhcp':86 'dns':100 'els':65 'even':157 'except':69 'extern':103 'firewal':9,30,45,106 'get':141 'go':81,95 'home':125 'host':55 'hous':39,68 'idea':131 'infect':142 'internet':76,114 'isp':24 'live':152 'make':146 'mayb':121 'need':2,32,57 'network':36,49,51,110,126,156 'outbound':113 'pf':28 'pick':13 'rather':6 'return':116 'rout':72 'router':8,25,84,98 'rule':46,107 'safe':153 'sens':29 'separ':35 'set':19,44,87 'someth':21 'sourc':104 'ssh':119 'static':90 'sure':147 'traffic':117 'ubiqu':16 'usg':17 'vnc':122"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6304895"
+editedAt: null
+createdAt: DateTimeImmutable @1703946038 {#4840
date: 2023-12-30 15:20:38.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
(I just noticed i replied to your another comment, but still to you 😬)\n
\n
Now i’m a little bit confused, what does it do then?\n
\n
If the box doesn’t have access to anything on the network, how would it do anything?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703951398 {#4971
date: 2023-12-30 16:49:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4974 …}
+nested: Doctrine\ORM\PersistentCollection {#4976 …}
+votes: Doctrine\ORM\PersistentCollection {#4978 …}
+reports: Doctrine\ORM\PersistentCollection {#4980 …}
+favourites: Doctrine\ORM\PersistentCollection {#4982 …}
+notifications: Doctrine\ORM\PersistentCollection {#4984 …}
-id: 264832
-bodyTs: "'access':32 'anoth':8 'anyth':34,42 'bit':19 'box':28 'comment':9 'confus':20 'doesn':29 'littl':18 'm':16 'network':37 'notic':3 'repli':5 'still':11 'would':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6938748"
+editedAt: null
+createdAt: DateTimeImmutable @1703951398 {#4972
date: 2023-12-30 16:49:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "The box you’re hosting on only needs internet access to connect the tunnel. Cloudflare terminates that SSL connection right in a piece of software on your web server."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703978796 {#5039
date: 2023-12-31 00:26:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#5042 …}
+nested: Doctrine\ORM\PersistentCollection {#5044 …}
+votes: Doctrine\ORM\PersistentCollection {#5046 …}
+reports: Doctrine\ORM\PersistentCollection {#5048 …}
+favourites: Doctrine\ORM\PersistentCollection {#5050 …}
+notifications: Doctrine\ORM\PersistentCollection {#5052 …}
-id: 265945
-bodyTs: "'access':10 'box':2 'cloudflar':15 'connect':12,19 'host':5 'internet':9 'need':8 'piec':23 're':4 'right':20 'server':29 'softwar':25 'ssl':18 'termin':16 'tunnel':14 'web':28"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6311438"
+editedAt: null
+createdAt: DateTimeImmutable @1703978796 {#5040
date: 2023-12-31 00:26:36.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "I mean, what does it host if the only thing it has access to is the internet?"
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703992779 {#5060
date: 2023-12-31 04:19:39.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#5063 …}
+nested: Doctrine\ORM\PersistentCollection {#5067 …}
+votes: Doctrine\ORM\PersistentCollection {#5069 …}
+reports: Doctrine\ORM\PersistentCollection {#5070 …}
+favourites: Doctrine\ORM\PersistentCollection {#5072 …}
+notifications: Doctrine\ORM\PersistentCollection {#5074 …}
-id: 266531
-bodyTs: "'access':13 'host':6 'internet':17 'mean':2 'thing':10"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6951406"
+editedAt: null
+createdAt: DateTimeImmutable @1703992779 {#5057
date: 2023-12-31 04:19:39.0 +01:00
}
} |
|
Show voter details
|
| 112 |
DENIED
|
moderate
|
App\Entity\EntryComment {#5055
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#5041
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4973
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4841
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4661
+user: Proxies\__CG__\App\Entity\User {#4662 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Can i ask you to elaborate on this part\n
\n
> Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
I used to have a separate box, but the only thing it did was port forwarding\n
\n
Specifically i don’t really understand the topology of this setup, and how do i set it up
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703878588 {#4659
date: 2023-12-29 20:36:28.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4663 …}
+nested: Doctrine\ORM\PersistentCollection {#4665 …}
+votes: Doctrine\ORM\PersistentCollection {#4667 …}
+reports: Doctrine\ORM\PersistentCollection {#4669 …}
+favourites: Doctrine\ORM\PersistentCollection {#4671 …}
+notifications: Doctrine\ORM\PersistentCollection {#4673 …}
-id: 262858
-bodyTs: "'allow':55 'alreadi':36 'arp':64 'ask':3 'assum':10 'box':16,74 'devic':61 'dhcp':52 'dns':46 'elabor':6 'entri':24 'forward':34,83 'isol':31 'leav':29 'network':28,58 'part':9 'point':25 'port':33,82 're':57 'realli':88 'see':63 'separ':73 'set':99 'setup':94 'specif':84 'thing':78 'time':13 'topolog':91 'toxic':18 'traffic':65 'tunnel':38 'understand':89 'use':43,49,69 'user':59 'wast':19"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6921113"
+editedAt: null
+createdAt: DateTimeImmutable @1703878588 {#4660
date: 2023-12-29 20:36:28.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
You need to have a rather capable router / firewall combo.\n
\n
You could pick up a ubiquity USG. Or set up something with an isp router and a PF sense firewall.\n
\n
You need to have separate networks in your house. And the ability to set firewall rules between the networks.\n
\n
The network that contains the hosting box needs to have absolutely no access to anything else in your house except it’s route out to the internet. Don’t have it go to your router for DHCP set it up statically. Don’t have it go to your router for DNS, choose an external source.\n
\n
The firewall rules for that network are allow outbound internet with return traffic, allow SSH and maybe VNC from your home network, then deny all.\n
\n
The idea is that you assume the box is capable of getting infected. So you just make sure that the box can live safely in your network even if it is compromised.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703946038 {#4839
date: 2023-12-30 15:20:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4842 …}
+nested: Doctrine\ORM\PersistentCollection {#4844 …}
+votes: Doctrine\ORM\PersistentCollection {#4846 …}
+reports: Doctrine\ORM\PersistentCollection {#4848 …}
+favourites: Doctrine\ORM\PersistentCollection {#4850 …}
+notifications: Doctrine\ORM\PersistentCollection {#4852 …}
-id: 264680
-bodyTs: "'abil':42 'absolut':60 'access':62 'allow':112,118 'anyth':64 'assum':135 'box':56,137,150 'capabl':7,139 'choos':101 'combo':10 'compromis':161 'contain':53 'could':12 'deni':128 'dhcp':86 'dns':100 'els':65 'even':157 'except':69 'extern':103 'firewal':9,30,45,106 'get':141 'go':81,95 'home':125 'host':55 'hous':39,68 'idea':131 'infect':142 'internet':76,114 'isp':24 'live':152 'make':146 'mayb':121 'need':2,32,57 'network':36,49,51,110,126,156 'outbound':113 'pf':28 'pick':13 'rather':6 'return':116 'rout':72 'router':8,25,84,98 'rule':46,107 'safe':153 'sens':29 'separ':35 'set':19,44,87 'someth':21 'sourc':104 'ssh':119 'static':90 'sure':147 'traffic':117 'ubiqu':16 'usg':17 'vnc':122"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6304895"
+editedAt: null
+createdAt: DateTimeImmutable @1703946038 {#4840
date: 2023-12-30 15:20:38.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
(I just noticed i replied to your another comment, but still to you 😬)\n
\n
Now i’m a little bit confused, what does it do then?\n
\n
If the box doesn’t have access to anything on the network, how would it do anything?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703951398 {#4971
date: 2023-12-30 16:49:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#4974 …}
+nested: Doctrine\ORM\PersistentCollection {#4976 …}
+votes: Doctrine\ORM\PersistentCollection {#4978 …}
+reports: Doctrine\ORM\PersistentCollection {#4980 …}
+favourites: Doctrine\ORM\PersistentCollection {#4982 …}
+notifications: Doctrine\ORM\PersistentCollection {#4984 …}
-id: 264832
-bodyTs: "'access':32 'anoth':8 'anyth':34,42 'bit':19 'box':28 'comment':9 'confus':20 'doesn':29 'littl':18 'm':16 'network':37 'notic':3 'repli':5 'still':11 'would':39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6938748"
+editedAt: null
+createdAt: DateTimeImmutable @1703951398 {#4972
date: 2023-12-30 16:49:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "The box you’re hosting on only needs internet access to connect the tunnel. Cloudflare terminates that SSL connection right in a piece of software on your web server."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1703978796 {#5039
date: 2023-12-31 00:26:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#5042 …}
+nested: Doctrine\ORM\PersistentCollection {#5044 …}
+votes: Doctrine\ORM\PersistentCollection {#5046 …}
+reports: Doctrine\ORM\PersistentCollection {#5048 …}
+favourites: Doctrine\ORM\PersistentCollection {#5050 …}
+notifications: Doctrine\ORM\PersistentCollection {#5052 …}
-id: 265945
-bodyTs: "'access':10 'box':2 'cloudflar':15 'connect':12,19 'host':5 'internet':9 'need':8 'piec':23 're':4 'right':20 'server':29 'softwar':25 'ssl':18 'termin':16 'tunnel':14 'web':28"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6311438"
+editedAt: null
+createdAt: DateTimeImmutable @1703978796 {#5040
date: 2023-12-31 00:26:36.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: "I mean, what does it host if the only thing it has access to is the internet?"
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703992779 {#5060
date: 2023-12-31 04:19:39.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
"@Gooey0210@sh.itjust.works"
]
+children: Doctrine\ORM\PersistentCollection {#5063 …}
+nested: Doctrine\ORM\PersistentCollection {#5067 …}
+votes: Doctrine\ORM\PersistentCollection {#5069 …}
+reports: Doctrine\ORM\PersistentCollection {#5070 …}
+favourites: Doctrine\ORM\PersistentCollection {#5072 …}
+notifications: Doctrine\ORM\PersistentCollection {#5074 …}
-id: 266531
-bodyTs: "'access':13 'host':6 'internet':17 'mean':2 'thing':10"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6951406"
+editedAt: null
+createdAt: DateTimeImmutable @1703992779 {#5057
date: 2023-12-31 04:19:39.0 +01:00
}
} |
|
Show voter details
|
| 113 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 114 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4677
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Are you my brain? This exactly the sort of thing I think about when I say I’m paranoid about self-hosting! Alas, as much as I’d like to be able to add an extra box just for that level of isolation it’d probably take more of a time commitment than I have available to get it properly setup.\n
\n
The attraction of docker containers, of course, is that they’re largely ready to go with sensible default settings out of the box, and maintenance is taken care of by somebody else.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703944906 {#4675
date: 2023-12-30 15:01:46.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4678 …}
+nested: Doctrine\ORM\PersistentCollection {#4680 …}
+votes: Doctrine\ORM\PersistentCollection {#4682 …}
+reports: Doctrine\ORM\PersistentCollection {#4684 …}
+favourites: Doctrine\ORM\PersistentCollection {#4686 …}
+notifications: Doctrine\ORM\PersistentCollection {#4688 …}
-id: 264647
-bodyTs: "'abl':33 'add':35 'ala':24 'attract':64 'avail':57 'box':38,85 'brain':4 'care':90 'commit':53 'contain':67 'cours':69 'd':29,46 'default':80 'docker':66 'els':94 'exact':6 'extra':37 'get':59 'go':77 'host':23 'isol':44 'larg':74 'level':42 'like':30 'm':18 'mainten':87 'much':26 'paranoid':19 'probabl':47 'proper':61 're':73 'readi':75 'say':16 'self':22 'self-host':21 'sensibl':79 'set':81 'setup':62 'somebodi':93 'sort':8 'take':48 'taken':89 'thing':10 'think':12 'time':52"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5466725"
+editedAt: null
+createdAt: DateTimeImmutable @1703944906 {#4676
date: 2023-12-30 15:01:46.0 +01:00
}
} |
|
Show voter details
|
| 115 |
DENIED
|
edit
|
App\Entity\EntryComment {#4677
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Are you my brain? This exactly the sort of thing I think about when I say I’m paranoid about self-hosting! Alas, as much as I’d like to be able to add an extra box just for that level of isolation it’d probably take more of a time commitment than I have available to get it properly setup.\n
\n
The attraction of docker containers, of course, is that they’re largely ready to go with sensible default settings out of the box, and maintenance is taken care of by somebody else.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703944906 {#4675
date: 2023-12-30 15:01:46.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4678 …}
+nested: Doctrine\ORM\PersistentCollection {#4680 …}
+votes: Doctrine\ORM\PersistentCollection {#4682 …}
+reports: Doctrine\ORM\PersistentCollection {#4684 …}
+favourites: Doctrine\ORM\PersistentCollection {#4686 …}
+notifications: Doctrine\ORM\PersistentCollection {#4688 …}
-id: 264647
-bodyTs: "'abl':33 'add':35 'ala':24 'attract':64 'avail':57 'box':38,85 'brain':4 'care':90 'commit':53 'contain':67 'cours':69 'd':29,46 'default':80 'docker':66 'els':94 'exact':6 'extra':37 'get':59 'go':77 'host':23 'isol':44 'larg':74 'level':42 'like':30 'm':18 'mainten':87 'much':26 'paranoid':19 'probabl':47 'proper':61 're':73 'readi':75 'say':16 'self':22 'self-host':21 'sensibl':79 'set':81 'setup':62 'somebodi':93 'sort':8 'take':48 'taken':89 'thing':10 'think':12 'time':52"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5466725"
+editedAt: null
+createdAt: DateTimeImmutable @1703944906 {#4676
date: 2023-12-30 15:01:46.0 +01:00
}
} |
|
Show voter details
|
| 116 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4677
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Are you my brain? This exactly the sort of thing I think about when I say I’m paranoid about self-hosting! Alas, as much as I’d like to be able to add an extra box just for that level of isolation it’d probably take more of a time commitment than I have available to get it properly setup.\n
\n
The attraction of docker containers, of course, is that they’re largely ready to go with sensible default settings out of the box, and maintenance is taken care of by somebody else.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703944906 {#4675
date: 2023-12-30 15:01:46.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4678 …}
+nested: Doctrine\ORM\PersistentCollection {#4680 …}
+votes: Doctrine\ORM\PersistentCollection {#4682 …}
+reports: Doctrine\ORM\PersistentCollection {#4684 …}
+favourites: Doctrine\ORM\PersistentCollection {#4686 …}
+notifications: Doctrine\ORM\PersistentCollection {#4688 …}
-id: 264647
-bodyTs: "'abl':33 'add':35 'ala':24 'attract':64 'avail':57 'box':38,85 'brain':4 'care':90 'commit':53 'contain':67 'cours':69 'd':29,46 'default':80 'docker':66 'els':94 'exact':6 'extra':37 'get':59 'go':77 'host':23 'isol':44 'larg':74 'level':42 'like':30 'm':18 'mainten':87 'much':26 'paranoid':19 'probabl':47 'proper':61 're':73 'readi':75 'say':16 'self':22 'self-host':21 'sensibl':79 'set':81 'setup':62 'somebodi':93 'sort':8 'take':48 'taken':89 'thing':10 'think':12 'time':52"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5466725"
+editedAt: null
+createdAt: DateTimeImmutable @1703944906 {#4676
date: 2023-12-30 15:01:46.0 +01:00
}
} |
|
Show voter details
|
| 117 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 118 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4856
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4677
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Are you my brain? This exactly the sort of thing I think about when I say I’m paranoid about self-hosting! Alas, as much as I’d like to be able to add an extra box just for that level of isolation it’d probably take more of a time commitment than I have available to get it properly setup.\n
\n
The attraction of docker containers, of course, is that they’re largely ready to go with sensible default settings out of the box, and maintenance is taken care of by somebody else.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703944906 {#4675
date: 2023-12-30 15:01:46.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4678 …}
+nested: Doctrine\ORM\PersistentCollection {#4680 …}
+votes: Doctrine\ORM\PersistentCollection {#4682 …}
+reports: Doctrine\ORM\PersistentCollection {#4684 …}
+favourites: Doctrine\ORM\PersistentCollection {#4686 …}
+notifications: Doctrine\ORM\PersistentCollection {#4688 …}
-id: 264647
-bodyTs: "'abl':33 'add':35 'ala':24 'attract':64 'avail':57 'box':38,85 'brain':4 'care':90 'commit':53 'contain':67 'cours':69 'd':29,46 'default':80 'docker':66 'els':94 'exact':6 'extra':37 'get':59 'go':77 'host':23 'isol':44 'larg':74 'level':42 'like':30 'm':18 'mainten':87 'much':26 'paranoid':19 'probabl':47 'proper':61 're':73 'readi':75 'say':16 'self':22 'self-host':21 'sensibl':79 'set':81 'setup':62 'somebodi':93 'sort':8 'take':48 'taken':89 'thing':10 'think':12 'time':52"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5466725"
+editedAt: null
+createdAt: DateTimeImmutable @1703944906 {#4676
date: 2023-12-30 15:01:46.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Oh yeah, I totally get the allure of containers. I use them myself just not in production.\n
\n
To be fair, python and node both suffer from the same kind of worries. And stuff gets slipped into those repos not too infrequently.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703947777 {#4854
date: 2023-12-30 15:49:37.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4857 …}
+nested: Doctrine\ORM\PersistentCollection {#4859 …}
+votes: Doctrine\ORM\PersistentCollection {#4861 …}
+reports: Doctrine\ORM\PersistentCollection {#4863 …}
+favourites: Doctrine\ORM\PersistentCollection {#4865 …}
+notifications: Doctrine\ORM\PersistentCollection {#4867 …}
-id: 264714
-bodyTs: "'allur':7 'contain':9 'fair':20 'get':5,34 'infrequ':41 'kind':29 'node':23 'oh':1 'product':17 'python':21 'repo':38 'slip':35 'stuff':33 'suffer':25 'total':4 'use':11 'worri':31 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6305182"
+editedAt: null
+createdAt: DateTimeImmutable @1703947777 {#4855
date: 2023-12-30 15:49:37.0 +01:00
}
} |
|
Show voter details
|
| 119 |
DENIED
|
edit
|
App\Entity\EntryComment {#4856
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4677
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Are you my brain? This exactly the sort of thing I think about when I say I’m paranoid about self-hosting! Alas, as much as I’d like to be able to add an extra box just for that level of isolation it’d probably take more of a time commitment than I have available to get it properly setup.\n
\n
The attraction of docker containers, of course, is that they’re largely ready to go with sensible default settings out of the box, and maintenance is taken care of by somebody else.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703944906 {#4675
date: 2023-12-30 15:01:46.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4678 …}
+nested: Doctrine\ORM\PersistentCollection {#4680 …}
+votes: Doctrine\ORM\PersistentCollection {#4682 …}
+reports: Doctrine\ORM\PersistentCollection {#4684 …}
+favourites: Doctrine\ORM\PersistentCollection {#4686 …}
+notifications: Doctrine\ORM\PersistentCollection {#4688 …}
-id: 264647
-bodyTs: "'abl':33 'add':35 'ala':24 'attract':64 'avail':57 'box':38,85 'brain':4 'care':90 'commit':53 'contain':67 'cours':69 'd':29,46 'default':80 'docker':66 'els':94 'exact':6 'extra':37 'get':59 'go':77 'host':23 'isol':44 'larg':74 'level':42 'like':30 'm':18 'mainten':87 'much':26 'paranoid':19 'probabl':47 'proper':61 're':73 'readi':75 'say':16 'self':22 'self-host':21 'sensibl':79 'set':81 'setup':62 'somebodi':93 'sort':8 'take':48 'taken':89 'thing':10 'think':12 'time':52"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5466725"
+editedAt: null
+createdAt: DateTimeImmutable @1703944906 {#4676
date: 2023-12-30 15:01:46.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Oh yeah, I totally get the allure of containers. I use them myself just not in production.\n
\n
To be fair, python and node both suffer from the same kind of worries. And stuff gets slipped into those repos not too infrequently.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703947777 {#4854
date: 2023-12-30 15:49:37.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4857 …}
+nested: Doctrine\ORM\PersistentCollection {#4859 …}
+votes: Doctrine\ORM\PersistentCollection {#4861 …}
+reports: Doctrine\ORM\PersistentCollection {#4863 …}
+favourites: Doctrine\ORM\PersistentCollection {#4865 …}
+notifications: Doctrine\ORM\PersistentCollection {#4867 …}
-id: 264714
-bodyTs: "'allur':7 'contain':9 'fair':20 'get':5,34 'infrequ':41 'kind':29 'node':23 'oh':1 'product':17 'python':21 'repo':38 'slip':35 'stuff':33 'suffer':25 'total':4 'use':11 'worri':31 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6305182"
+editedAt: null
+createdAt: DateTimeImmutable @1703947777 {#4855
date: 2023-12-30 15:49:37.0 +01:00
}
} |
|
Show voter details
|
| 120 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4856
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4677
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4148
+user: App\Entity\User {#4161 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
The first worry are vectors around the Synology, It’s firmware, and network stack. Those devices are very closely scrutinized. Historically there have been many different vulnerabilities found and patched. Something like the log4j vulnerabilities back in the day where something just has to hit the logging system too hit you might open a hole in any of the other standard software packages there. And because the platform is so well known, once one vulnerability is found they already know what else exists by default and have plans for ways to attack it.\n
\n
Vulnerabilities that COULD affect you in this case for few and far between but few and far between are how things happen.\n
\n
The next concern you’re going to have are going to be someone slipping you a mickey in a container image. By and large it’s a bunch of good people maintaining the container images. They’re including packages from other good people. But this also means that there is a hell of a lot of cooks in the kitchen, and distribution, and upstream.\n
\n
To be perfectly honest, with everything on auto update, cloud flares built-in protections for DDOS and attacks, and the nature of what you’re trying to host, you’re probably safe enough. There’s no three letter government agency or elite hacker group specifically after you. You’re far more likely to accidentally trip upon a zero day email image filter /pdf vulnerability and get bot netted as you are someone successfully attacking your Argo tunnel.\n
\n
That said, it’s always better to host in someone else’s backyard than your own. If I were really, really stuck on hosting in my house on my network, I probably stand up a dedicated box, maybe something as small as a pi 0. I’d make sure that I had a really decent router / firewall and slip that hosting device into an isolated network that’s not allowed to reach out to anything else on my network.\n
\n
Assume at all times that the box is toxic waste and that is an entry point into your network. Leave it isolated. No port forwards, you already have tunnels for that, don’t use it for DNS don’t use it for DHCP, Don’t allow You’re network users or devices to see ARP traffic from it.\n
\n
Firewall drops everything between your home network and that box except SSH in, or maybe VNC in depending on your level of comfort.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 15
+score: 0
+lastActive: DateTime @1709671500 {#4143
date: 2024-03-05 21:45:00.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4149 …}
+nested: Doctrine\ORM\PersistentCollection {#4151 …}
+votes: Doctrine\ORM\PersistentCollection {#4153 …}
+reports: Doctrine\ORM\PersistentCollection {#4155 …}
+favourites: Doctrine\ORM\PersistentCollection {#4157 …}
+notifications: Doctrine\ORM\PersistentCollection {#4159 …}
-id: 262252
-bodyTs: "'/pdf':243 '0':302 'accident':234 'affect':97 'agenc':220 'allow':327,382 'alreadi':79,363 'also':161 'alway':262 'anyth':332 'argo':256 'around':6 'arp':391 'assum':337 'attack':92,198,254 'auto':187 'back':36 'backyard':270 'better':263 'bot':247 'box':294,343,404 'built':192 'built-in':191 'bunch':143 'case':101 'close':19 'cloud':189 'comfort':417 'concern':118 'contain':135,149 'cook':172 'could':96 'd':304 'day':39,239 'ddos':196 'decent':312 'dedic':293 'default':85 'depend':412 'devic':16,319,388 'dhcp':379 'differ':26 'distribut':177 'dns':373 'drop':396 'elit':222 'els':82,268,333 'email':240 'enough':213 'entri':351 'everyth':185,397 'except':405 'exist':83 'far':105,110,230 'filter':242 'firewal':314,395 'firmwar':11 'first':2 'flare':190 'forward':361 'found':28,77 'get':246 'go':121,125 'good':145,157 'govern':219 'group':224 'hacker':223 'happen':115 'hell':167 'histor':21 'hit':45,50 'hole':55 'home':400 'honest':183 'host':208,265,281,318 'hous':284 'imag':136,150,241 'includ':153 'isol':322,358 'kitchen':175 'know':80 'known':72 'larg':139 'leav':356 'letter':218 'level':415 'like':32,232 'log':47 'log4j':34 'lot':170 'maintain':147 'make':305 'mani':25 'mayb':295,409 'mean':162 'mickey':132 'might':52 'natur':201 'net':248 'network':13,287,323,336,355,385,401 'next':117 'one':74 'open':53 'packag':63,154 'patch':30 'peopl':146,158 'perfect':182 'pi':301 'plan':88 'platform':68 'point':352 'port':360 'probabl':211,289 'protect':194 're':120,152,205,210,229,384 'reach':329 'realli':277,278,311 'router':313 'safe':212 'said':259 'scrutin':20 'see':390 'slip':129,316 'small':298 'softwar':62 'someon':128,252,267 'someth':31,41,296 'specif':225 'ssh':406 'stack':14 'stand':290 'standard':61 'stuck':279 'success':253 'sure':306 'synolog':8 'system':48 'thing':114 'three':217 'time':340 'toxic':345 'traffic':392 'tri':206 'trip':235 'tunnel':257,365 'updat':188 'upon':236 'upstream':179 'use':370,376 'user':386 'vector':5 'vnc':410 'vulner':27,35,75,94,244 'wast':346 'way':90 'well':71 'worri':3 'zero':238"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291890"
+editedAt: null
+createdAt: DateTimeImmutable @1703861584 {#4144
date: 2023-12-29 15:53:04.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Are you my brain? This exactly the sort of thing I think about when I say I’m paranoid about self-hosting! Alas, as much as I’d like to be able to add an extra box just for that level of isolation it’d probably take more of a time commitment than I have available to get it properly setup.\n
\n
The attraction of docker containers, of course, is that they’re largely ready to go with sensible default settings out of the box, and maintenance is taken care of by somebody else.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703944906 {#4675
date: 2023-12-30 15:01:46.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4678 …}
+nested: Doctrine\ORM\PersistentCollection {#4680 …}
+votes: Doctrine\ORM\PersistentCollection {#4682 …}
+reports: Doctrine\ORM\PersistentCollection {#4684 …}
+favourites: Doctrine\ORM\PersistentCollection {#4686 …}
+notifications: Doctrine\ORM\PersistentCollection {#4688 …}
-id: 264647
-bodyTs: "'abl':33 'add':35 'ala':24 'attract':64 'avail':57 'box':38,85 'brain':4 'care':90 'commit':53 'contain':67 'cours':69 'd':29,46 'default':80 'docker':66 'els':94 'exact':6 'extra':37 'get':59 'go':77 'host':23 'isol':44 'larg':74 'level':42 'like':30 'm':18 'mainten':87 'much':26 'paranoid':19 'probabl':47 'proper':61 're':73 'readi':75 'say':16 'self':22 'self-host':21 'sensibl':79 'set':81 'setup':62 'somebodi':93 'sort':8 'take':48 'taken':89 'thing':10 'think':12 'time':52"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5466725"
+editedAt: null
+createdAt: DateTimeImmutable @1703944906 {#4676
date: 2023-12-30 15:01:46.0 +01:00
}
}
+root: App\Entity\EntryComment {#4148}
+body: """
Oh yeah, I totally get the allure of containers. I use them myself just not in production.\n
\n
To be fair, python and node both suffer from the same kind of worries. And stuff gets slipped into those repos not too infrequently.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703947777 {#4854
date: 2023-12-30 15:49:37.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@linearchaos@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#4857 …}
+nested: Doctrine\ORM\PersistentCollection {#4859 …}
+votes: Doctrine\ORM\PersistentCollection {#4861 …}
+reports: Doctrine\ORM\PersistentCollection {#4863 …}
+favourites: Doctrine\ORM\PersistentCollection {#4865 …}
+notifications: Doctrine\ORM\PersistentCollection {#4867 …}
-id: 264714
-bodyTs: "'allur':7 'contain':9 'fair':20 'get':5,34 'infrequ':41 'kind':29 'node':23 'oh':1 'product':17 'python':21 'repo':38 'slip':35 'stuff':33 'suffer':25 'total':4 'use':11 'worri':31 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6305182"
+editedAt: null
+createdAt: DateTimeImmutable @1703947777 {#4855
date: 2023-12-30 15:49:37.0 +01:00
}
} |
|
Show voter details
|
| 121 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 122 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4223
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
Cloudflare tunnels are layer 7, so it’s not unlimited access by any means. This also means that certain things will break btw, for example if your website uses websockets to load information, that isn’t supported.\n
\n
Next, I’d put the computer that is going to be hosting into an isolated vlan of its own and access via external URL only.\n
\n
If you’re going to use docker images, make sure to vet that they’re updated often and always spin up the latest.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1710164918 {#4218
date: 2024-03-11 14:48:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4224 …}
+nested: Doctrine\ORM\PersistentCollection {#4226 …}
+votes: Doctrine\ORM\PersistentCollection {#4228 …}
+reports: Doctrine\ORM\PersistentCollection {#4230 …}
+favourites: Doctrine\ORM\PersistentCollection {#4232 …}
+notifications: Doctrine\ORM\PersistentCollection {#4234 …}
-id: 264746
-bodyTs: "'7':5 'access':11,58 'also':16 'alway':81 'break':22 'btw':23 'certain':19 'cloudflar':1 'comput':43 'd':40 'docker':69 'exampl':25 'extern':60 'go':46,66 'host':49 'imag':70 'inform':33 'isn':35 'isol':52 'latest':85 'layer':4 'load':32 'make':71 'mean':14,17 'next':38 'often':79 'put':41 're':65,77 'spin':82 'support':37 'sure':72 'thing':20 'tunnel':2 'unlimit':10 'updat':78 'url':61 'use':29,68 'vet':74 'via':59 'vlan':53 'websit':28 'websocket':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6018969"
+editedAt: null
+createdAt: DateTimeImmutable @1703948818 {#4219
date: 2023-12-30 16:06:58.0 +01:00
}
} |
|
Show voter details
|
| 123 |
DENIED
|
edit
|
App\Entity\EntryComment {#4223
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
Cloudflare tunnels are layer 7, so it’s not unlimited access by any means. This also means that certain things will break btw, for example if your website uses websockets to load information, that isn’t supported.\n
\n
Next, I’d put the computer that is going to be hosting into an isolated vlan of its own and access via external URL only.\n
\n
If you’re going to use docker images, make sure to vet that they’re updated often and always spin up the latest.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1710164918 {#4218
date: 2024-03-11 14:48:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4224 …}
+nested: Doctrine\ORM\PersistentCollection {#4226 …}
+votes: Doctrine\ORM\PersistentCollection {#4228 …}
+reports: Doctrine\ORM\PersistentCollection {#4230 …}
+favourites: Doctrine\ORM\PersistentCollection {#4232 …}
+notifications: Doctrine\ORM\PersistentCollection {#4234 …}
-id: 264746
-bodyTs: "'7':5 'access':11,58 'also':16 'alway':81 'break':22 'btw':23 'certain':19 'cloudflar':1 'comput':43 'd':40 'docker':69 'exampl':25 'extern':60 'go':46,66 'host':49 'imag':70 'inform':33 'isn':35 'isol':52 'latest':85 'layer':4 'load':32 'make':71 'mean':14,17 'next':38 'often':79 'put':41 're':65,77 'spin':82 'support':37 'sure':72 'thing':20 'tunnel':2 'unlimit':10 'updat':78 'url':61 'use':29,68 'vet':74 'via':59 'vlan':53 'websit':28 'websocket':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6018969"
+editedAt: null
+createdAt: DateTimeImmutable @1703948818 {#4219
date: 2023-12-30 16:06:58.0 +01:00
}
} |
|
Show voter details
|
| 124 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4223
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
Cloudflare tunnels are layer 7, so it’s not unlimited access by any means. This also means that certain things will break btw, for example if your website uses websockets to load information, that isn’t supported.\n
\n
Next, I’d put the computer that is going to be hosting into an isolated vlan of its own and access via external URL only.\n
\n
If you’re going to use docker images, make sure to vet that they’re updated often and always spin up the latest.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1710164918 {#4218
date: 2024-03-11 14:48:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4224 …}
+nested: Doctrine\ORM\PersistentCollection {#4226 …}
+votes: Doctrine\ORM\PersistentCollection {#4228 …}
+reports: Doctrine\ORM\PersistentCollection {#4230 …}
+favourites: Doctrine\ORM\PersistentCollection {#4232 …}
+notifications: Doctrine\ORM\PersistentCollection {#4234 …}
-id: 264746
-bodyTs: "'7':5 'access':11,58 'also':16 'alway':81 'break':22 'btw':23 'certain':19 'cloudflar':1 'comput':43 'd':40 'docker':69 'exampl':25 'extern':60 'go':46,66 'host':49 'imag':70 'inform':33 'isn':35 'isol':52 'latest':85 'layer':4 'load':32 'make':71 'mean':14,17 'next':38 'often':79 'put':41 're':65,77 'spin':82 'support':37 'sure':72 'thing':20 'tunnel':2 'unlimit':10 'updat':78 'url':61 'use':29,68 'vet':74 'via':59 'vlan':53 'websit':28 'websocket':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6018969"
+editedAt: null
+createdAt: DateTimeImmutable @1703948818 {#4219
date: 2023-12-30 16:06:58.0 +01:00
}
} |
|
Show voter details
|
| 125 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 126 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4692
+user: Proxies\__CG__\App\Entity\User {#4693 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4223
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
Cloudflare tunnels are layer 7, so it’s not unlimited access by any means. This also means that certain things will break btw, for example if your website uses websockets to load information, that isn’t supported.\n
\n
Next, I’d put the computer that is going to be hosting into an isolated vlan of its own and access via external URL only.\n
\n
If you’re going to use docker images, make sure to vet that they’re updated often and always spin up the latest.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1710164918 {#4218
date: 2024-03-11 14:48:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4224 …}
+nested: Doctrine\ORM\PersistentCollection {#4226 …}
+votes: Doctrine\ORM\PersistentCollection {#4228 …}
+reports: Doctrine\ORM\PersistentCollection {#4230 …}
+favourites: Doctrine\ORM\PersistentCollection {#4232 …}
+notifications: Doctrine\ORM\PersistentCollection {#4234 …}
-id: 264746
-bodyTs: "'7':5 'access':11,58 'also':16 'alway':81 'break':22 'btw':23 'certain':19 'cloudflar':1 'comput':43 'd':40 'docker':69 'exampl':25 'extern':60 'go':46,66 'host':49 'imag':70 'inform':33 'isn':35 'isol':52 'latest':85 'layer':4 'load':32 'make':71 'mean':14,17 'next':38 'often':79 'put':41 're':65,77 'spin':82 'support':37 'sure':72 'thing':20 'tunnel':2 'unlimit':10 'updat':78 'url':61 'use':29,68 'vet':74 'via':59 'vlan':53 'websit':28 'websocket':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6018969"
+editedAt: null
+createdAt: DateTimeImmutable @1703948818 {#4219
date: 2023-12-30 16:06:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
CF tunnels are layer 3, not 7 and they have support for web sockets. It’s basically wireguard VPN with a few extras built on top.\n
\n
[…cloudflare.com/…/cloudflare-tunnels-faq/](https://developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703995239 {#4690
date: 2023-12-31 05:00:39.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
]
+children: Doctrine\ORM\PersistentCollection {#4694 …}
+nested: Doctrine\ORM\PersistentCollection {#4696 …}
+votes: Doctrine\ORM\PersistentCollection {#4698 …}
+reports: Doctrine\ORM\PersistentCollection {#4700 …}
+favourites: Doctrine\ORM\PersistentCollection {#4702 …}
+notifications: Doctrine\ORM\PersistentCollection {#4704 …}
-id: 266603
-bodyTs: "'/cloudflare-one/faq/cloudflare-tunnels-faq/)':31 '/cloudflare-tunnels-faq':28 '3':5 '7':7 'basic':17 'built':24 'cf':1 'cloudflare.com':27 'developers.cloudflare.com':30 'developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)':29 'extra':23 'layer':4 'socket':14 'support':11 'top':26 'tunnel':2 'vpn':19 'web':13 'wireguard':18"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.sdf.org/comment/6809352"
+editedAt: null
+createdAt: DateTimeImmutable @1703995239 {#4691
date: 2023-12-31 05:00:39.0 +01:00
}
} |
|
Show voter details
|
| 127 |
DENIED
|
edit
|
App\Entity\EntryComment {#4692
+user: Proxies\__CG__\App\Entity\User {#4693 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4223
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
Cloudflare tunnels are layer 7, so it’s not unlimited access by any means. This also means that certain things will break btw, for example if your website uses websockets to load information, that isn’t supported.\n
\n
Next, I’d put the computer that is going to be hosting into an isolated vlan of its own and access via external URL only.\n
\n
If you’re going to use docker images, make sure to vet that they’re updated often and always spin up the latest.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1710164918 {#4218
date: 2024-03-11 14:48:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4224 …}
+nested: Doctrine\ORM\PersistentCollection {#4226 …}
+votes: Doctrine\ORM\PersistentCollection {#4228 …}
+reports: Doctrine\ORM\PersistentCollection {#4230 …}
+favourites: Doctrine\ORM\PersistentCollection {#4232 …}
+notifications: Doctrine\ORM\PersistentCollection {#4234 …}
-id: 264746
-bodyTs: "'7':5 'access':11,58 'also':16 'alway':81 'break':22 'btw':23 'certain':19 'cloudflar':1 'comput':43 'd':40 'docker':69 'exampl':25 'extern':60 'go':46,66 'host':49 'imag':70 'inform':33 'isn':35 'isol':52 'latest':85 'layer':4 'load':32 'make':71 'mean':14,17 'next':38 'often':79 'put':41 're':65,77 'spin':82 'support':37 'sure':72 'thing':20 'tunnel':2 'unlimit':10 'updat':78 'url':61 'use':29,68 'vet':74 'via':59 'vlan':53 'websit':28 'websocket':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6018969"
+editedAt: null
+createdAt: DateTimeImmutable @1703948818 {#4219
date: 2023-12-30 16:06:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
CF tunnels are layer 3, not 7 and they have support for web sockets. It’s basically wireguard VPN with a few extras built on top.\n
\n
[…cloudflare.com/…/cloudflare-tunnels-faq/](https://developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703995239 {#4690
date: 2023-12-31 05:00:39.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
]
+children: Doctrine\ORM\PersistentCollection {#4694 …}
+nested: Doctrine\ORM\PersistentCollection {#4696 …}
+votes: Doctrine\ORM\PersistentCollection {#4698 …}
+reports: Doctrine\ORM\PersistentCollection {#4700 …}
+favourites: Doctrine\ORM\PersistentCollection {#4702 …}
+notifications: Doctrine\ORM\PersistentCollection {#4704 …}
-id: 266603
-bodyTs: "'/cloudflare-one/faq/cloudflare-tunnels-faq/)':31 '/cloudflare-tunnels-faq':28 '3':5 '7':7 'basic':17 'built':24 'cf':1 'cloudflare.com':27 'developers.cloudflare.com':30 'developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)':29 'extra':23 'layer':4 'socket':14 'support':11 'top':26 'tunnel':2 'vpn':19 'web':13 'wireguard':18"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.sdf.org/comment/6809352"
+editedAt: null
+createdAt: DateTimeImmutable @1703995239 {#4691
date: 2023-12-31 05:00:39.0 +01:00
}
} |
|
Show voter details
|
| 128 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4692
+user: Proxies\__CG__\App\Entity\User {#4693 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4223
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
Cloudflare tunnels are layer 7, so it’s not unlimited access by any means. This also means that certain things will break btw, for example if your website uses websockets to load information, that isn’t supported.\n
\n
Next, I’d put the computer that is going to be hosting into an isolated vlan of its own and access via external URL only.\n
\n
If you’re going to use docker images, make sure to vet that they’re updated often and always spin up the latest.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1710164918 {#4218
date: 2024-03-11 14:48:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4224 …}
+nested: Doctrine\ORM\PersistentCollection {#4226 …}
+votes: Doctrine\ORM\PersistentCollection {#4228 …}
+reports: Doctrine\ORM\PersistentCollection {#4230 …}
+favourites: Doctrine\ORM\PersistentCollection {#4232 …}
+notifications: Doctrine\ORM\PersistentCollection {#4234 …}
-id: 264746
-bodyTs: "'7':5 'access':11,58 'also':16 'alway':81 'break':22 'btw':23 'certain':19 'cloudflar':1 'comput':43 'd':40 'docker':69 'exampl':25 'extern':60 'go':46,66 'host':49 'imag':70 'inform':33 'isn':35 'isol':52 'latest':85 'layer':4 'load':32 'make':71 'mean':14,17 'next':38 'often':79 'put':41 're':65,77 'spin':82 'support':37 'sure':72 'thing':20 'tunnel':2 'unlimit':10 'updat':78 'url':61 'use':29,68 'vet':74 'via':59 'vlan':53 'websit':28 'websocket':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6018969"
+editedAt: null
+createdAt: DateTimeImmutable @1703948818 {#4219
date: 2023-12-30 16:06:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
CF tunnels are layer 3, not 7 and they have support for web sockets. It’s basically wireguard VPN with a few extras built on top.\n
\n
[…cloudflare.com/…/cloudflare-tunnels-faq/](https://developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703995239 {#4690
date: 2023-12-31 05:00:39.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
]
+children: Doctrine\ORM\PersistentCollection {#4694 …}
+nested: Doctrine\ORM\PersistentCollection {#4696 …}
+votes: Doctrine\ORM\PersistentCollection {#4698 …}
+reports: Doctrine\ORM\PersistentCollection {#4700 …}
+favourites: Doctrine\ORM\PersistentCollection {#4702 …}
+notifications: Doctrine\ORM\PersistentCollection {#4704 …}
-id: 266603
-bodyTs: "'/cloudflare-one/faq/cloudflare-tunnels-faq/)':31 '/cloudflare-tunnels-faq':28 '3':5 '7':7 'basic':17 'built':24 'cf':1 'cloudflare.com':27 'developers.cloudflare.com':30 'developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)':29 'extra':23 'layer':4 'socket':14 'support':11 'top':26 'tunnel':2 'vpn':19 'web':13 'wireguard':18"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.sdf.org/comment/6809352"
+editedAt: null
+createdAt: DateTimeImmutable @1703995239 {#4691
date: 2023-12-31 05:00:39.0 +01:00
}
} |
|
Show voter details
|
| 129 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 130 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4872
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4692
+user: Proxies\__CG__\App\Entity\User {#4693 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4223
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
Cloudflare tunnels are layer 7, so it’s not unlimited access by any means. This also means that certain things will break btw, for example if your website uses websockets to load information, that isn’t supported.\n
\n
Next, I’d put the computer that is going to be hosting into an isolated vlan of its own and access via external URL only.\n
\n
If you’re going to use docker images, make sure to vet that they’re updated often and always spin up the latest.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1710164918 {#4218
date: 2024-03-11 14:48:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4224 …}
+nested: Doctrine\ORM\PersistentCollection {#4226 …}
+votes: Doctrine\ORM\PersistentCollection {#4228 …}
+reports: Doctrine\ORM\PersistentCollection {#4230 …}
+favourites: Doctrine\ORM\PersistentCollection {#4232 …}
+notifications: Doctrine\ORM\PersistentCollection {#4234 …}
-id: 264746
-bodyTs: "'7':5 'access':11,58 'also':16 'alway':81 'break':22 'btw':23 'certain':19 'cloudflar':1 'comput':43 'd':40 'docker':69 'exampl':25 'extern':60 'go':46,66 'host':49 'imag':70 'inform':33 'isn':35 'isol':52 'latest':85 'layer':4 'load':32 'make':71 'mean':14,17 'next':38 'often':79 'put':41 're':65,77 'spin':82 'support':37 'sure':72 'thing':20 'tunnel':2 'unlimit':10 'updat':78 'url':61 'use':29,68 'vet':74 'via':59 'vlan':53 'websit':28 'websocket':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6018969"
+editedAt: null
+createdAt: DateTimeImmutable @1703948818 {#4219
date: 2023-12-30 16:06:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
CF tunnels are layer 3, not 7 and they have support for web sockets. It’s basically wireguard VPN with a few extras built on top.\n
\n
[…cloudflare.com/…/cloudflare-tunnels-faq/](https://developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703995239 {#4690
date: 2023-12-31 05:00:39.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
]
+children: Doctrine\ORM\PersistentCollection {#4694 …}
+nested: Doctrine\ORM\PersistentCollection {#4696 …}
+votes: Doctrine\ORM\PersistentCollection {#4698 …}
+reports: Doctrine\ORM\PersistentCollection {#4700 …}
+favourites: Doctrine\ORM\PersistentCollection {#4702 …}
+notifications: Doctrine\ORM\PersistentCollection {#4704 …}
-id: 266603
-bodyTs: "'/cloudflare-one/faq/cloudflare-tunnels-faq/)':31 '/cloudflare-tunnels-faq':28 '3':5 '7':7 'basic':17 'built':24 'cf':1 'cloudflare.com':27 'developers.cloudflare.com':30 'developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)':29 'extra':23 'layer':4 'socket':14 'support':11 'top':26 'tunnel':2 'vpn':19 'web':13 'wireguard':18"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.sdf.org/comment/6809352"
+editedAt: null
+createdAt: DateTimeImmutable @1703995239 {#4691
date: 2023-12-31 05:00:39.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
That document doesn’t say what layer. But it does say it supports Websockets.\n
\n
Just odd that when I try to set it up using a named tunnel I don’t get an option to specify the WS service type. However it does require a service type if you want to connect to it.\n
\n
Looking at [this page](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/) it would seem that it’s a layer 7. Although I could be wrong, but my front end app has issues finding my backend service for websockets.\n
\n
Granted I even tried to connect to my private computer using other protocols. I couldn’t get through. Anyway I’m most likely going to be taking that project offline soon.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703999299 {#4869
date: 2023-12-31 06:08:19.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
]
+children: Doctrine\ORM\PersistentCollection {#4873 …}
+nested: Doctrine\ORM\PersistentCollection {#4875 …}
+votes: Doctrine\ORM\PersistentCollection {#4877 …}
+reports: Doctrine\ORM\PersistentCollection {#4879 …}
+favourites: Doctrine\ORM\PersistentCollection {#4881 …}
+notifications: Doctrine\ORM\PersistentCollection {#4883 …}
-id: 267942
-bodyTs: "'/cloudflare-one/connections/connect-networks/)':61 '7':70 'although':71 'anyway':107 'app':80 'backend':85 'comput':98 'connect':52,94 'could':73 'couldn':103 'developers.cloudflare.com':60 'developers.cloudflare.com/cloudflare-one/connections/connect-networks/)':59 'document':2 'doesn':3 'end':79 'even':91 'find':83 'front':78 'get':32,105 'go':112 'grant':89 'howev':41 'issu':82 'layer':7,69 'like':111 'look':55 'm':109 'name':27 'odd':16 'offlin':118 'option':34 'page':58 'privat':97 'project':117 'protocol':101 'requir':44 'say':5,11 'seem':64 'servic':39,46,86 'set':22 'soon':119 'specifi':36 'support':13 'take':115 'tri':20,92 'tunnel':28 'type':40,47 'use':25,99 'want':50 'websocket':14,88 'would':63 'wrong':75 'ws':38"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6030708"
+editedAt: DateTimeImmutable @1709981034 {#4870
date: 2024-03-09 11:43:54.0 +01:00
}
+createdAt: DateTimeImmutable @1703999299 {#4871
date: 2023-12-31 06:08:19.0 +01:00
}
} |
|
Show voter details
|
| 131 |
DENIED
|
edit
|
App\Entity\EntryComment {#4872
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4692
+user: Proxies\__CG__\App\Entity\User {#4693 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4223
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
Cloudflare tunnels are layer 7, so it’s not unlimited access by any means. This also means that certain things will break btw, for example if your website uses websockets to load information, that isn’t supported.\n
\n
Next, I’d put the computer that is going to be hosting into an isolated vlan of its own and access via external URL only.\n
\n
If you’re going to use docker images, make sure to vet that they’re updated often and always spin up the latest.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1710164918 {#4218
date: 2024-03-11 14:48:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4224 …}
+nested: Doctrine\ORM\PersistentCollection {#4226 …}
+votes: Doctrine\ORM\PersistentCollection {#4228 …}
+reports: Doctrine\ORM\PersistentCollection {#4230 …}
+favourites: Doctrine\ORM\PersistentCollection {#4232 …}
+notifications: Doctrine\ORM\PersistentCollection {#4234 …}
-id: 264746
-bodyTs: "'7':5 'access':11,58 'also':16 'alway':81 'break':22 'btw':23 'certain':19 'cloudflar':1 'comput':43 'd':40 'docker':69 'exampl':25 'extern':60 'go':46,66 'host':49 'imag':70 'inform':33 'isn':35 'isol':52 'latest':85 'layer':4 'load':32 'make':71 'mean':14,17 'next':38 'often':79 'put':41 're':65,77 'spin':82 'support':37 'sure':72 'thing':20 'tunnel':2 'unlimit':10 'updat':78 'url':61 'use':29,68 'vet':74 'via':59 'vlan':53 'websit':28 'websocket':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6018969"
+editedAt: null
+createdAt: DateTimeImmutable @1703948818 {#4219
date: 2023-12-30 16:06:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
CF tunnels are layer 3, not 7 and they have support for web sockets. It’s basically wireguard VPN with a few extras built on top.\n
\n
[…cloudflare.com/…/cloudflare-tunnels-faq/](https://developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703995239 {#4690
date: 2023-12-31 05:00:39.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
]
+children: Doctrine\ORM\PersistentCollection {#4694 …}
+nested: Doctrine\ORM\PersistentCollection {#4696 …}
+votes: Doctrine\ORM\PersistentCollection {#4698 …}
+reports: Doctrine\ORM\PersistentCollection {#4700 …}
+favourites: Doctrine\ORM\PersistentCollection {#4702 …}
+notifications: Doctrine\ORM\PersistentCollection {#4704 …}
-id: 266603
-bodyTs: "'/cloudflare-one/faq/cloudflare-tunnels-faq/)':31 '/cloudflare-tunnels-faq':28 '3':5 '7':7 'basic':17 'built':24 'cf':1 'cloudflare.com':27 'developers.cloudflare.com':30 'developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)':29 'extra':23 'layer':4 'socket':14 'support':11 'top':26 'tunnel':2 'vpn':19 'web':13 'wireguard':18"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.sdf.org/comment/6809352"
+editedAt: null
+createdAt: DateTimeImmutable @1703995239 {#4691
date: 2023-12-31 05:00:39.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
That document doesn’t say what layer. But it does say it supports Websockets.\n
\n
Just odd that when I try to set it up using a named tunnel I don’t get an option to specify the WS service type. However it does require a service type if you want to connect to it.\n
\n
Looking at [this page](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/) it would seem that it’s a layer 7. Although I could be wrong, but my front end app has issues finding my backend service for websockets.\n
\n
Granted I even tried to connect to my private computer using other protocols. I couldn’t get through. Anyway I’m most likely going to be taking that project offline soon.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703999299 {#4869
date: 2023-12-31 06:08:19.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
]
+children: Doctrine\ORM\PersistentCollection {#4873 …}
+nested: Doctrine\ORM\PersistentCollection {#4875 …}
+votes: Doctrine\ORM\PersistentCollection {#4877 …}
+reports: Doctrine\ORM\PersistentCollection {#4879 …}
+favourites: Doctrine\ORM\PersistentCollection {#4881 …}
+notifications: Doctrine\ORM\PersistentCollection {#4883 …}
-id: 267942
-bodyTs: "'/cloudflare-one/connections/connect-networks/)':61 '7':70 'although':71 'anyway':107 'app':80 'backend':85 'comput':98 'connect':52,94 'could':73 'couldn':103 'developers.cloudflare.com':60 'developers.cloudflare.com/cloudflare-one/connections/connect-networks/)':59 'document':2 'doesn':3 'end':79 'even':91 'find':83 'front':78 'get':32,105 'go':112 'grant':89 'howev':41 'issu':82 'layer':7,69 'like':111 'look':55 'm':109 'name':27 'odd':16 'offlin':118 'option':34 'page':58 'privat':97 'project':117 'protocol':101 'requir':44 'say':5,11 'seem':64 'servic':39,46,86 'set':22 'soon':119 'specifi':36 'support':13 'take':115 'tri':20,92 'tunnel':28 'type':40,47 'use':25,99 'want':50 'websocket':14,88 'would':63 'wrong':75 'ws':38"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6030708"
+editedAt: DateTimeImmutable @1709981034 {#4870
date: 2024-03-09 11:43:54.0 +01:00
}
+createdAt: DateTimeImmutable @1703999299 {#4871
date: 2023-12-31 06:08:19.0 +01:00
}
} |
|
Show voter details
|
| 132 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4872
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4692
+user: Proxies\__CG__\App\Entity\User {#4693 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4223
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
Cloudflare tunnels are layer 7, so it’s not unlimited access by any means. This also means that certain things will break btw, for example if your website uses websockets to load information, that isn’t supported.\n
\n
Next, I’d put the computer that is going to be hosting into an isolated vlan of its own and access via external URL only.\n
\n
If you’re going to use docker images, make sure to vet that they’re updated often and always spin up the latest.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1710164918 {#4218
date: 2024-03-11 14:48:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4224 …}
+nested: Doctrine\ORM\PersistentCollection {#4226 …}
+votes: Doctrine\ORM\PersistentCollection {#4228 …}
+reports: Doctrine\ORM\PersistentCollection {#4230 …}
+favourites: Doctrine\ORM\PersistentCollection {#4232 …}
+notifications: Doctrine\ORM\PersistentCollection {#4234 …}
-id: 264746
-bodyTs: "'7':5 'access':11,58 'also':16 'alway':81 'break':22 'btw':23 'certain':19 'cloudflar':1 'comput':43 'd':40 'docker':69 'exampl':25 'extern':60 'go':46,66 'host':49 'imag':70 'inform':33 'isn':35 'isol':52 'latest':85 'layer':4 'load':32 'make':71 'mean':14,17 'next':38 'often':79 'put':41 're':65,77 'spin':82 'support':37 'sure':72 'thing':20 'tunnel':2 'unlimit':10 'updat':78 'url':61 'use':29,68 'vet':74 'via':59 'vlan':53 'websit':28 'websocket':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6018969"
+editedAt: null
+createdAt: DateTimeImmutable @1703948818 {#4219
date: 2023-12-30 16:06:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
CF tunnels are layer 3, not 7 and they have support for web sockets. It’s basically wireguard VPN with a few extras built on top.\n
\n
[…cloudflare.com/…/cloudflare-tunnels-faq/](https://developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703995239 {#4690
date: 2023-12-31 05:00:39.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
]
+children: Doctrine\ORM\PersistentCollection {#4694 …}
+nested: Doctrine\ORM\PersistentCollection {#4696 …}
+votes: Doctrine\ORM\PersistentCollection {#4698 …}
+reports: Doctrine\ORM\PersistentCollection {#4700 …}
+favourites: Doctrine\ORM\PersistentCollection {#4702 …}
+notifications: Doctrine\ORM\PersistentCollection {#4704 …}
-id: 266603
-bodyTs: "'/cloudflare-one/faq/cloudflare-tunnels-faq/)':31 '/cloudflare-tunnels-faq':28 '3':5 '7':7 'basic':17 'built':24 'cf':1 'cloudflare.com':27 'developers.cloudflare.com':30 'developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)':29 'extra':23 'layer':4 'socket':14 'support':11 'top':26 'tunnel':2 'vpn':19 'web':13 'wireguard':18"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.sdf.org/comment/6809352"
+editedAt: null
+createdAt: DateTimeImmutable @1703995239 {#4691
date: 2023-12-31 05:00:39.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
That document doesn’t say what layer. But it does say it supports Websockets.\n
\n
Just odd that when I try to set it up using a named tunnel I don’t get an option to specify the WS service type. However it does require a service type if you want to connect to it.\n
\n
Looking at [this page](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/) it would seem that it’s a layer 7. Although I could be wrong, but my front end app has issues finding my backend service for websockets.\n
\n
Granted I even tried to connect to my private computer using other protocols. I couldn’t get through. Anyway I’m most likely going to be taking that project offline soon.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703999299 {#4869
date: 2023-12-31 06:08:19.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
]
+children: Doctrine\ORM\PersistentCollection {#4873 …}
+nested: Doctrine\ORM\PersistentCollection {#4875 …}
+votes: Doctrine\ORM\PersistentCollection {#4877 …}
+reports: Doctrine\ORM\PersistentCollection {#4879 …}
+favourites: Doctrine\ORM\PersistentCollection {#4881 …}
+notifications: Doctrine\ORM\PersistentCollection {#4883 …}
-id: 267942
-bodyTs: "'/cloudflare-one/connections/connect-networks/)':61 '7':70 'although':71 'anyway':107 'app':80 'backend':85 'comput':98 'connect':52,94 'could':73 'couldn':103 'developers.cloudflare.com':60 'developers.cloudflare.com/cloudflare-one/connections/connect-networks/)':59 'document':2 'doesn':3 'end':79 'even':91 'find':83 'front':78 'get':32,105 'go':112 'grant':89 'howev':41 'issu':82 'layer':7,69 'like':111 'look':55 'm':109 'name':27 'odd':16 'offlin':118 'option':34 'page':58 'privat':97 'project':117 'protocol':101 'requir':44 'say':5,11 'seem':64 'servic':39,46,86 'set':22 'soon':119 'specifi':36 'support':13 'take':115 'tri':20,92 'tunnel':28 'type':40,47 'use':25,99 'want':50 'websocket':14,88 'would':63 'wrong':75 'ws':38"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6030708"
+editedAt: DateTimeImmutable @1709981034 {#4870
date: 2024-03-09 11:43:54.0 +01:00
}
+createdAt: DateTimeImmutable @1703999299 {#4871
date: 2023-12-31 06:08:19.0 +01:00
}
} |
|
Show voter details
|
| 133 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 134 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4988
+user: Proxies\__CG__\App\Entity\User {#4693 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4872
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4692
+user: Proxies\__CG__\App\Entity\User {#4693 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4223
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
Cloudflare tunnels are layer 7, so it’s not unlimited access by any means. This also means that certain things will break btw, for example if your website uses websockets to load information, that isn’t supported.\n
\n
Next, I’d put the computer that is going to be hosting into an isolated vlan of its own and access via external URL only.\n
\n
If you’re going to use docker images, make sure to vet that they’re updated often and always spin up the latest.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1710164918 {#4218
date: 2024-03-11 14:48:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4224 …}
+nested: Doctrine\ORM\PersistentCollection {#4226 …}
+votes: Doctrine\ORM\PersistentCollection {#4228 …}
+reports: Doctrine\ORM\PersistentCollection {#4230 …}
+favourites: Doctrine\ORM\PersistentCollection {#4232 …}
+notifications: Doctrine\ORM\PersistentCollection {#4234 …}
-id: 264746
-bodyTs: "'7':5 'access':11,58 'also':16 'alway':81 'break':22 'btw':23 'certain':19 'cloudflar':1 'comput':43 'd':40 'docker':69 'exampl':25 'extern':60 'go':46,66 'host':49 'imag':70 'inform':33 'isn':35 'isol':52 'latest':85 'layer':4 'load':32 'make':71 'mean':14,17 'next':38 'often':79 'put':41 're':65,77 'spin':82 'support':37 'sure':72 'thing':20 'tunnel':2 'unlimit':10 'updat':78 'url':61 'use':29,68 'vet':74 'via':59 'vlan':53 'websit':28 'websocket':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6018969"
+editedAt: null
+createdAt: DateTimeImmutable @1703948818 {#4219
date: 2023-12-30 16:06:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
CF tunnels are layer 3, not 7 and they have support for web sockets. It’s basically wireguard VPN with a few extras built on top.\n
\n
[…cloudflare.com/…/cloudflare-tunnels-faq/](https://developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703995239 {#4690
date: 2023-12-31 05:00:39.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
]
+children: Doctrine\ORM\PersistentCollection {#4694 …}
+nested: Doctrine\ORM\PersistentCollection {#4696 …}
+votes: Doctrine\ORM\PersistentCollection {#4698 …}
+reports: Doctrine\ORM\PersistentCollection {#4700 …}
+favourites: Doctrine\ORM\PersistentCollection {#4702 …}
+notifications: Doctrine\ORM\PersistentCollection {#4704 …}
-id: 266603
-bodyTs: "'/cloudflare-one/faq/cloudflare-tunnels-faq/)':31 '/cloudflare-tunnels-faq':28 '3':5 '7':7 'basic':17 'built':24 'cf':1 'cloudflare.com':27 'developers.cloudflare.com':30 'developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)':29 'extra':23 'layer':4 'socket':14 'support':11 'top':26 'tunnel':2 'vpn':19 'web':13 'wireguard':18"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.sdf.org/comment/6809352"
+editedAt: null
+createdAt: DateTimeImmutable @1703995239 {#4691
date: 2023-12-31 05:00:39.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
That document doesn’t say what layer. But it does say it supports Websockets.\n
\n
Just odd that when I try to set it up using a named tunnel I don’t get an option to specify the WS service type. However it does require a service type if you want to connect to it.\n
\n
Looking at [this page](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/) it would seem that it’s a layer 7. Although I could be wrong, but my front end app has issues finding my backend service for websockets.\n
\n
Granted I even tried to connect to my private computer using other protocols. I couldn’t get through. Anyway I’m most likely going to be taking that project offline soon.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703999299 {#4869
date: 2023-12-31 06:08:19.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
]
+children: Doctrine\ORM\PersistentCollection {#4873 …}
+nested: Doctrine\ORM\PersistentCollection {#4875 …}
+votes: Doctrine\ORM\PersistentCollection {#4877 …}
+reports: Doctrine\ORM\PersistentCollection {#4879 …}
+favourites: Doctrine\ORM\PersistentCollection {#4881 …}
+notifications: Doctrine\ORM\PersistentCollection {#4883 …}
-id: 267942
-bodyTs: "'/cloudflare-one/connections/connect-networks/)':61 '7':70 'although':71 'anyway':107 'app':80 'backend':85 'comput':98 'connect':52,94 'could':73 'couldn':103 'developers.cloudflare.com':60 'developers.cloudflare.com/cloudflare-one/connections/connect-networks/)':59 'document':2 'doesn':3 'end':79 'even':91 'find':83 'front':78 'get':32,105 'go':112 'grant':89 'howev':41 'issu':82 'layer':7,69 'like':111 'look':55 'm':109 'name':27 'odd':16 'offlin':118 'option':34 'page':58 'privat':97 'project':117 'protocol':101 'requir':44 'say':5,11 'seem':64 'servic':39,46,86 'set':22 'soon':119 'specifi':36 'support':13 'take':115 'tri':20,92 'tunnel':28 'type':40,47 'use':25,99 'want':50 'websocket':14,88 'would':63 'wrong':75 'ws':38"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6030708"
+editedAt: DateTimeImmutable @1709981034 {#4870
date: 2024-03-09 11:43:54.0 +01:00
}
+createdAt: DateTimeImmutable @1703999299 {#4871
date: 2023-12-31 06:08:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
No, but I thought I clarified that when I said it’s basically wireguard VPN which operates using tcp/udp (layer 3.) layer 7 is stuff like https. CF tunnels are lower level.\n
\n
Page you linked is missing the layer between CF and source server so it doesn’t indicate layer. You can lookup wireguard protocol if you want more details.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1704082553 {#4986
date: 2024-01-01 05:15:53.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
]
+children: Doctrine\ORM\PersistentCollection {#4989 …}
+nested: Doctrine\ORM\PersistentCollection {#4991 …}
+votes: Doctrine\ORM\PersistentCollection {#4993 …}
+reports: Doctrine\ORM\PersistentCollection {#4995 …}
+favourites: Doctrine\ORM\PersistentCollection {#4997 …}
+notifications: Doctrine\ORM\PersistentCollection {#4999 …}
-id: 269205
-bodyTs: "'3':21 '7':23 'basic':13 'cf':28,41 'clarifi':6 'detail':60 'doesn':47 'https':27 'indic':49 'layer':20,22,39,50 'level':32 'like':26 'link':35 'lookup':53 'lower':31 'miss':37 'oper':17 'page':33 'protocol':55 'said':10 'server':44 'sourc':43 'stuff':25 'tcp/udp':19 'thought':4 'tunnel':29 'use':18 'vpn':15 'want':58 'wireguard':14,54"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.sdf.org/comment/6830939"
+editedAt: null
+createdAt: DateTimeImmutable @1704082553 {#4987
date: 2024-01-01 05:15:53.0 +01:00
}
} |
|
Show voter details
|
| 135 |
DENIED
|
edit
|
App\Entity\EntryComment {#4988
+user: Proxies\__CG__\App\Entity\User {#4693 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4872
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4692
+user: Proxies\__CG__\App\Entity\User {#4693 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4223
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
Cloudflare tunnels are layer 7, so it’s not unlimited access by any means. This also means that certain things will break btw, for example if your website uses websockets to load information, that isn’t supported.\n
\n
Next, I’d put the computer that is going to be hosting into an isolated vlan of its own and access via external URL only.\n
\n
If you’re going to use docker images, make sure to vet that they’re updated often and always spin up the latest.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1710164918 {#4218
date: 2024-03-11 14:48:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4224 …}
+nested: Doctrine\ORM\PersistentCollection {#4226 …}
+votes: Doctrine\ORM\PersistentCollection {#4228 …}
+reports: Doctrine\ORM\PersistentCollection {#4230 …}
+favourites: Doctrine\ORM\PersistentCollection {#4232 …}
+notifications: Doctrine\ORM\PersistentCollection {#4234 …}
-id: 264746
-bodyTs: "'7':5 'access':11,58 'also':16 'alway':81 'break':22 'btw':23 'certain':19 'cloudflar':1 'comput':43 'd':40 'docker':69 'exampl':25 'extern':60 'go':46,66 'host':49 'imag':70 'inform':33 'isn':35 'isol':52 'latest':85 'layer':4 'load':32 'make':71 'mean':14,17 'next':38 'often':79 'put':41 're':65,77 'spin':82 'support':37 'sure':72 'thing':20 'tunnel':2 'unlimit':10 'updat':78 'url':61 'use':29,68 'vet':74 'via':59 'vlan':53 'websit':28 'websocket':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6018969"
+editedAt: null
+createdAt: DateTimeImmutable @1703948818 {#4219
date: 2023-12-30 16:06:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
CF tunnels are layer 3, not 7 and they have support for web sockets. It’s basically wireguard VPN with a few extras built on top.\n
\n
[…cloudflare.com/…/cloudflare-tunnels-faq/](https://developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703995239 {#4690
date: 2023-12-31 05:00:39.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
]
+children: Doctrine\ORM\PersistentCollection {#4694 …}
+nested: Doctrine\ORM\PersistentCollection {#4696 …}
+votes: Doctrine\ORM\PersistentCollection {#4698 …}
+reports: Doctrine\ORM\PersistentCollection {#4700 …}
+favourites: Doctrine\ORM\PersistentCollection {#4702 …}
+notifications: Doctrine\ORM\PersistentCollection {#4704 …}
-id: 266603
-bodyTs: "'/cloudflare-one/faq/cloudflare-tunnels-faq/)':31 '/cloudflare-tunnels-faq':28 '3':5 '7':7 'basic':17 'built':24 'cf':1 'cloudflare.com':27 'developers.cloudflare.com':30 'developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)':29 'extra':23 'layer':4 'socket':14 'support':11 'top':26 'tunnel':2 'vpn':19 'web':13 'wireguard':18"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.sdf.org/comment/6809352"
+editedAt: null
+createdAt: DateTimeImmutable @1703995239 {#4691
date: 2023-12-31 05:00:39.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
That document doesn’t say what layer. But it does say it supports Websockets.\n
\n
Just odd that when I try to set it up using a named tunnel I don’t get an option to specify the WS service type. However it does require a service type if you want to connect to it.\n
\n
Looking at [this page](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/) it would seem that it’s a layer 7. Although I could be wrong, but my front end app has issues finding my backend service for websockets.\n
\n
Granted I even tried to connect to my private computer using other protocols. I couldn’t get through. Anyway I’m most likely going to be taking that project offline soon.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703999299 {#4869
date: 2023-12-31 06:08:19.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
]
+children: Doctrine\ORM\PersistentCollection {#4873 …}
+nested: Doctrine\ORM\PersistentCollection {#4875 …}
+votes: Doctrine\ORM\PersistentCollection {#4877 …}
+reports: Doctrine\ORM\PersistentCollection {#4879 …}
+favourites: Doctrine\ORM\PersistentCollection {#4881 …}
+notifications: Doctrine\ORM\PersistentCollection {#4883 …}
-id: 267942
-bodyTs: "'/cloudflare-one/connections/connect-networks/)':61 '7':70 'although':71 'anyway':107 'app':80 'backend':85 'comput':98 'connect':52,94 'could':73 'couldn':103 'developers.cloudflare.com':60 'developers.cloudflare.com/cloudflare-one/connections/connect-networks/)':59 'document':2 'doesn':3 'end':79 'even':91 'find':83 'front':78 'get':32,105 'go':112 'grant':89 'howev':41 'issu':82 'layer':7,69 'like':111 'look':55 'm':109 'name':27 'odd':16 'offlin':118 'option':34 'page':58 'privat':97 'project':117 'protocol':101 'requir':44 'say':5,11 'seem':64 'servic':39,46,86 'set':22 'soon':119 'specifi':36 'support':13 'take':115 'tri':20,92 'tunnel':28 'type':40,47 'use':25,99 'want':50 'websocket':14,88 'would':63 'wrong':75 'ws':38"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6030708"
+editedAt: DateTimeImmutable @1709981034 {#4870
date: 2024-03-09 11:43:54.0 +01:00
}
+createdAt: DateTimeImmutable @1703999299 {#4871
date: 2023-12-31 06:08:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
No, but I thought I clarified that when I said it’s basically wireguard VPN which operates using tcp/udp (layer 3.) layer 7 is stuff like https. CF tunnels are lower level.\n
\n
Page you linked is missing the layer between CF and source server so it doesn’t indicate layer. You can lookup wireguard protocol if you want more details.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1704082553 {#4986
date: 2024-01-01 05:15:53.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
]
+children: Doctrine\ORM\PersistentCollection {#4989 …}
+nested: Doctrine\ORM\PersistentCollection {#4991 …}
+votes: Doctrine\ORM\PersistentCollection {#4993 …}
+reports: Doctrine\ORM\PersistentCollection {#4995 …}
+favourites: Doctrine\ORM\PersistentCollection {#4997 …}
+notifications: Doctrine\ORM\PersistentCollection {#4999 …}
-id: 269205
-bodyTs: "'3':21 '7':23 'basic':13 'cf':28,41 'clarifi':6 'detail':60 'doesn':47 'https':27 'indic':49 'layer':20,22,39,50 'level':32 'like':26 'link':35 'lookup':53 'lower':31 'miss':37 'oper':17 'page':33 'protocol':55 'said':10 'server':44 'sourc':43 'stuff':25 'tcp/udp':19 'thought':4 'tunnel':29 'use':18 'vpn':15 'want':58 'wireguard':14,54"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.sdf.org/comment/6830939"
+editedAt: null
+createdAt: DateTimeImmutable @1704082553 {#4987
date: 2024-01-01 05:15:53.0 +01:00
}
} |
|
Show voter details
|
| 136 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4988
+user: Proxies\__CG__\App\Entity\User {#4693 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4872
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4692
+user: Proxies\__CG__\App\Entity\User {#4693 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: App\Entity\EntryComment {#4223
+user: App\Entity\User {#4236 …}
+entry: App\Entity\Entry {#2412}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
Cloudflare tunnels are layer 7, so it’s not unlimited access by any means. This also means that certain things will break btw, for example if your website uses websockets to load information, that isn’t supported.\n
\n
Next, I’d put the computer that is going to be hosting into an isolated vlan of its own and access via external URL only.\n
\n
If you’re going to use docker images, make sure to vet that they’re updated often and always spin up the latest.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 7
+score: 0
+lastActive: DateTime @1710164918 {#4218
date: 2024-03-11 14:48:38.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4224 …}
+nested: Doctrine\ORM\PersistentCollection {#4226 …}
+votes: Doctrine\ORM\PersistentCollection {#4228 …}
+reports: Doctrine\ORM\PersistentCollection {#4230 …}
+favourites: Doctrine\ORM\PersistentCollection {#4232 …}
+notifications: Doctrine\ORM\PersistentCollection {#4234 …}
-id: 264746
-bodyTs: "'7':5 'access':11,58 'also':16 'alway':81 'break':22 'btw':23 'certain':19 'cloudflar':1 'comput':43 'd':40 'docker':69 'exampl':25 'extern':60 'go':46,66 'host':49 'imag':70 'inform':33 'isn':35 'isol':52 'latest':85 'layer':4 'load':32 'make':71 'mean':14,17 'next':38 'often':79 'put':41 're':65,77 'spin':82 'support':37 'sure':72 'thing':20 'tunnel':2 'unlimit':10 'updat':78 'url':61 'use':29,68 'vet':74 'via':59 'vlan':53 'websit':28 'websocket':30"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6018969"
+editedAt: null
+createdAt: DateTimeImmutable @1703948818 {#4219
date: 2023-12-30 16:06:58.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
CF tunnels are layer 3, not 7 and they have support for web sockets. It’s basically wireguard VPN with a few extras built on top.\n
\n
[…cloudflare.com/…/cloudflare-tunnels-faq/](https://developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703995239 {#4690
date: 2023-12-31 05:00:39.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
]
+children: Doctrine\ORM\PersistentCollection {#4694 …}
+nested: Doctrine\ORM\PersistentCollection {#4696 …}
+votes: Doctrine\ORM\PersistentCollection {#4698 …}
+reports: Doctrine\ORM\PersistentCollection {#4700 …}
+favourites: Doctrine\ORM\PersistentCollection {#4702 …}
+notifications: Doctrine\ORM\PersistentCollection {#4704 …}
-id: 266603
-bodyTs: "'/cloudflare-one/faq/cloudflare-tunnels-faq/)':31 '/cloudflare-tunnels-faq':28 '3':5 '7':7 'basic':17 'built':24 'cf':1 'cloudflare.com':27 'developers.cloudflare.com':30 'developers.cloudflare.com/cloudflare-one/faq/cloudflare-tunnels-faq/)':29 'extra':23 'layer':4 'socket':14 'support':11 'top':26 'tunnel':2 'vpn':19 'web':13 'wireguard':18"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.sdf.org/comment/6809352"
+editedAt: null
+createdAt: DateTimeImmutable @1703995239 {#4691
date: 2023-12-31 05:00:39.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
That document doesn’t say what layer. But it does say it supports Websockets.\n
\n
Just odd that when I try to set it up using a named tunnel I don’t get an option to specify the WS service type. However it does require a service type if you want to connect to it.\n
\n
Looking at [this page](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/) it would seem that it’s a layer 7. Although I could be wrong, but my front end app has issues finding my backend service for websockets.\n
\n
Granted I even tried to connect to my private computer using other protocols. I couldn’t get through. Anyway I’m most likely going to be taking that project offline soon.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1703999299 {#4869
date: 2023-12-31 06:08:19.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
]
+children: Doctrine\ORM\PersistentCollection {#4873 …}
+nested: Doctrine\ORM\PersistentCollection {#4875 …}
+votes: Doctrine\ORM\PersistentCollection {#4877 …}
+reports: Doctrine\ORM\PersistentCollection {#4879 …}
+favourites: Doctrine\ORM\PersistentCollection {#4881 …}
+notifications: Doctrine\ORM\PersistentCollection {#4883 …}
-id: 267942
-bodyTs: "'/cloudflare-one/connections/connect-networks/)':61 '7':70 'although':71 'anyway':107 'app':80 'backend':85 'comput':98 'connect':52,94 'could':73 'couldn':103 'developers.cloudflare.com':60 'developers.cloudflare.com/cloudflare-one/connections/connect-networks/)':59 'document':2 'doesn':3 'end':79 'even':91 'find':83 'front':78 'get':32,105 'go':112 'grant':89 'howev':41 'issu':82 'layer':7,69 'like':111 'look':55 'm':109 'name':27 'odd':16 'offlin':118 'option':34 'page':58 'privat':97 'project':117 'protocol':101 'requir':44 'say':5,11 'seem':64 'servic':39,46,86 'set':22 'soon':119 'specifi':36 'support':13 'take':115 'tri':20,92 'tunnel':28 'type':40,47 'use':25,99 'want':50 'websocket':14,88 'would':63 'wrong':75 'ws':38"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://programming.dev/comment/6030708"
+editedAt: DateTimeImmutable @1709981034 {#4870
date: 2024-03-09 11:43:54.0 +01:00
}
+createdAt: DateTimeImmutable @1703999299 {#4871
date: 2023-12-31 06:08:19.0 +01:00
}
}
+root: App\Entity\EntryComment {#4223}
+body: """
No, but I thought I clarified that when I said it’s basically wireguard VPN which operates using tcp/udp (layer 3.) layer 7 is stuff like https. CF tunnels are lower level.\n
\n
Page you linked is missing the layer between CF and source server so it doesn’t indicate layer. You can lookup wireguard protocol if you want more details.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1704082553 {#4986
date: 2024-01-01 05:15:53.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
"@hpca01@programming.dev"
"@daq@lemmy.sdf.org"
]
+children: Doctrine\ORM\PersistentCollection {#4989 …}
+nested: Doctrine\ORM\PersistentCollection {#4991 …}
+votes: Doctrine\ORM\PersistentCollection {#4993 …}
+reports: Doctrine\ORM\PersistentCollection {#4995 …}
+favourites: Doctrine\ORM\PersistentCollection {#4997 …}
+notifications: Doctrine\ORM\PersistentCollection {#4999 …}
-id: 269205
-bodyTs: "'3':21 '7':23 'basic':13 'cf':28,41 'clarifi':6 'detail':60 'doesn':47 'https':27 'indic':49 'layer':20,22,39,50 'level':32 'like':26 'link':35 'lookup':53 'lower':31 'miss':37 'oper':17 'page':33 'protocol':55 'said':10 'server':44 'sourc':43 'stuff':25 'tcp/udp':19 'thought':4 'tunnel':29 'use':18 'vpn':15 'want':58 'wireguard':14,54"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.sdf.org/comment/6830939"
+editedAt: null
+createdAt: DateTimeImmutable @1704082553 {#4987
date: 2024-01-01 05:15:53.0 +01:00
}
} |
|
Show voter details
|
| 137 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 138 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4296
+user: App\Entity\User {#4309 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
You’ll be fine enough as long as you enable MFA on your Nas, and ideally configure it so that anything “fun”, like administrative controls or remote access, are only available on the local network.\n
\n
Synology has sensible defaults for security, for the most part. Make sure you have automated updates enabled, even for minor updates, and ensure it’s configured to block multiple failed login attempts.\n
\n
You’re probably not going to get hackerman poking at your stuff, but you’ll get bots trying to ssh in, and login to the WordPress admin console, even if you’re not using WordPress.\n
\n
A good rule of thumb for securing computers is to minimize access/privilege/connectivity. \n
Lock everything down as far as you can, turn off everything that makes it possible to access it, and enable every tool for keeping people out or dissuading attackers. \n
Now you can enable port 443 on your Nas to be publicly available, and only that port because you don’t need anything else. \n
You can enable your router to forward only port 443 to your Nas.\n
\n
It feels silly to say, but sometimes people think “my firewall is getting in the way, I’ll turn it off”, or “this one user needs read access to one file, so I’ll give read/write/execute privileges to every user in the system to this folder and every subfolder”.\n
\n
So as long as you’re basically sensible and use the tools available, you should be fine. \n
You’ll still poop a little the first time you see that 800 bots tried to break in. Just remember that they’re doing that *now*, there’s just nothing listening to write down that they tried.\n
\n
However, the person who suggested putting cloudflare in front of GitHub pages and using something like Hugo is a great example of “opening as few holes as possible”, and “using the tools available”. \n
It’s what I do for my static sites, like my recipes and stuff. \n
You can get a GitHub action configured that’ll compile the site and deploy it whenever a commit happens, which is nice.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1703860115 {#4291
date: 2023-12-29 15:28:35.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4297 …}
+nested: Doctrine\ORM\PersistentCollection {#4299 …}
+votes: Doctrine\ORM\PersistentCollection {#4301 …}
+reports: Doctrine\ORM\PersistentCollection {#4303 …}
+favourites: Doctrine\ORM\PersistentCollection {#4305 …}
+notifications: Doctrine\ORM\PersistentCollection {#4307 …}
-id: 262216
-bodyTs: "'443':149,177 '800':259 'access':28,131,208 'access/privilege/connectivity':114 'action':336 'admin':94 'administr':24 'anyth':21,166 'attack':143 'attempt':67 'autom':50 'avail':31,156,242,316 'basic':236 'block':63 'bot':84,260 'break':263 'cloudflar':290 'commit':348 'compil':340 'comput':110 'configur':17,61,337 'consol':95 'control':25 'default':39 'deploy':344 'dissuad':142 'els':167 'enabl':10,52,134,147,170 'enough':5 'ensur':58 'even':53,96 'everi':135,219,228 'everyth':116,125 'exampl':304 'fail':65 'far':119 'feel':182 'file':211 'fine':4,246 'firewal':191 'first':254 'folder':226 'forward':174 'front':292 'fun':22 'get':74,83,193,333 'github':294,335 'give':215 'go':72 'good':104 'great':303 'hackerman':75 'happen':349 'hole':309 'howev':284 'hugo':300 'ideal':16 'keep':138 'like':23,299,326 'listen':277 'littl':252 'll':2,82,198,214,248,339 'local':34 'lock':115 'login':66,90 'long':7,232 'make':46,127 'mfa':11 'minim':113 'minor':55 'multipl':64 'nas':14,152,180 'need':165,206 'network':35 'nice':352 'noth':276 'one':204,210 'open':306 'page':295 'part':45 'peopl':139,188 'person':286 'poke':76 'poop':250 'port':148,160,176 'possibl':129,311 'privileg':217 'probabl':70 'public':155 'put':289 're':69,99,235,269 'read':207 'read/write/execute':216 'recip':328 'rememb':266 'remot':27 'router':172 'rule':105 'say':185 'secur':41,109 'see':257 'sensibl':38,237 'silli':183 'site':325,342 'someth':298 'sometim':187 'ssh':87 'static':324 'still':249 'stuff':79,330 'subfold':229 'suggest':288 'sure':47 'synolog':36 'system':223 'think':189 'thumb':107 'time':255 'tool':136,241,315 'tri':85,261,283 'turn':123,199 'updat':51,56 'use':101,239,297,313 'user':205,220 'way':196 'whenev':346 'wordpress':93,102 'write':279"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6915143"
+editedAt: null
+createdAt: DateTimeImmutable @1703860115 {#4292
date: 2023-12-29 15:28:35.0 +01:00
}
} |
|
Show voter details
|
| 139 |
DENIED
|
edit
|
App\Entity\EntryComment {#4296
+user: App\Entity\User {#4309 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
You’ll be fine enough as long as you enable MFA on your Nas, and ideally configure it so that anything “fun”, like administrative controls or remote access, are only available on the local network.\n
\n
Synology has sensible defaults for security, for the most part. Make sure you have automated updates enabled, even for minor updates, and ensure it’s configured to block multiple failed login attempts.\n
\n
You’re probably not going to get hackerman poking at your stuff, but you’ll get bots trying to ssh in, and login to the WordPress admin console, even if you’re not using WordPress.\n
\n
A good rule of thumb for securing computers is to minimize access/privilege/connectivity. \n
Lock everything down as far as you can, turn off everything that makes it possible to access it, and enable every tool for keeping people out or dissuading attackers. \n
Now you can enable port 443 on your Nas to be publicly available, and only that port because you don’t need anything else. \n
You can enable your router to forward only port 443 to your Nas.\n
\n
It feels silly to say, but sometimes people think “my firewall is getting in the way, I’ll turn it off”, or “this one user needs read access to one file, so I’ll give read/write/execute privileges to every user in the system to this folder and every subfolder”.\n
\n
So as long as you’re basically sensible and use the tools available, you should be fine. \n
You’ll still poop a little the first time you see that 800 bots tried to break in. Just remember that they’re doing that *now*, there’s just nothing listening to write down that they tried.\n
\n
However, the person who suggested putting cloudflare in front of GitHub pages and using something like Hugo is a great example of “opening as few holes as possible”, and “using the tools available”. \n
It’s what I do for my static sites, like my recipes and stuff. \n
You can get a GitHub action configured that’ll compile the site and deploy it whenever a commit happens, which is nice.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1703860115 {#4291
date: 2023-12-29 15:28:35.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4297 …}
+nested: Doctrine\ORM\PersistentCollection {#4299 …}
+votes: Doctrine\ORM\PersistentCollection {#4301 …}
+reports: Doctrine\ORM\PersistentCollection {#4303 …}
+favourites: Doctrine\ORM\PersistentCollection {#4305 …}
+notifications: Doctrine\ORM\PersistentCollection {#4307 …}
-id: 262216
-bodyTs: "'443':149,177 '800':259 'access':28,131,208 'access/privilege/connectivity':114 'action':336 'admin':94 'administr':24 'anyth':21,166 'attack':143 'attempt':67 'autom':50 'avail':31,156,242,316 'basic':236 'block':63 'bot':84,260 'break':263 'cloudflar':290 'commit':348 'compil':340 'comput':110 'configur':17,61,337 'consol':95 'control':25 'default':39 'deploy':344 'dissuad':142 'els':167 'enabl':10,52,134,147,170 'enough':5 'ensur':58 'even':53,96 'everi':135,219,228 'everyth':116,125 'exampl':304 'fail':65 'far':119 'feel':182 'file':211 'fine':4,246 'firewal':191 'first':254 'folder':226 'forward':174 'front':292 'fun':22 'get':74,83,193,333 'github':294,335 'give':215 'go':72 'good':104 'great':303 'hackerman':75 'happen':349 'hole':309 'howev':284 'hugo':300 'ideal':16 'keep':138 'like':23,299,326 'listen':277 'littl':252 'll':2,82,198,214,248,339 'local':34 'lock':115 'login':66,90 'long':7,232 'make':46,127 'mfa':11 'minim':113 'minor':55 'multipl':64 'nas':14,152,180 'need':165,206 'network':35 'nice':352 'noth':276 'one':204,210 'open':306 'page':295 'part':45 'peopl':139,188 'person':286 'poke':76 'poop':250 'port':148,160,176 'possibl':129,311 'privileg':217 'probabl':70 'public':155 'put':289 're':69,99,235,269 'read':207 'read/write/execute':216 'recip':328 'rememb':266 'remot':27 'router':172 'rule':105 'say':185 'secur':41,109 'see':257 'sensibl':38,237 'silli':183 'site':325,342 'someth':298 'sometim':187 'ssh':87 'static':324 'still':249 'stuff':79,330 'subfold':229 'suggest':288 'sure':47 'synolog':36 'system':223 'think':189 'thumb':107 'time':255 'tool':136,241,315 'tri':85,261,283 'turn':123,199 'updat':51,56 'use':101,239,297,313 'user':205,220 'way':196 'whenev':346 'wordpress':93,102 'write':279"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6915143"
+editedAt: null
+createdAt: DateTimeImmutable @1703860115 {#4292
date: 2023-12-29 15:28:35.0 +01:00
}
} |
|
Show voter details
|
| 140 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4296
+user: App\Entity\User {#4309 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: """
You’ll be fine enough as long as you enable MFA on your Nas, and ideally configure it so that anything “fun”, like administrative controls or remote access, are only available on the local network.\n
\n
Synology has sensible defaults for security, for the most part. Make sure you have automated updates enabled, even for minor updates, and ensure it’s configured to block multiple failed login attempts.\n
\n
You’re probably not going to get hackerman poking at your stuff, but you’ll get bots trying to ssh in, and login to the WordPress admin console, even if you’re not using WordPress.\n
\n
A good rule of thumb for securing computers is to minimize access/privilege/connectivity. \n
Lock everything down as far as you can, turn off everything that makes it possible to access it, and enable every tool for keeping people out or dissuading attackers. \n
Now you can enable port 443 on your Nas to be publicly available, and only that port because you don’t need anything else. \n
You can enable your router to forward only port 443 to your Nas.\n
\n
It feels silly to say, but sometimes people think “my firewall is getting in the way, I’ll turn it off”, or “this one user needs read access to one file, so I’ll give read/write/execute privileges to every user in the system to this folder and every subfolder”.\n
\n
So as long as you’re basically sensible and use the tools available, you should be fine. \n
You’ll still poop a little the first time you see that 800 bots tried to break in. Just remember that they’re doing that *now*, there’s just nothing listening to write down that they tried.\n
\n
However, the person who suggested putting cloudflare in front of GitHub pages and using something like Hugo is a great example of “opening as few holes as possible”, and “using the tools available”. \n
It’s what I do for my static sites, like my recipes and stuff. \n
You can get a GitHub action configured that’ll compile the site and deploy it whenever a commit happens, which is nice.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1703860115 {#4291
date: 2023-12-29 15:28:35.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4297 …}
+nested: Doctrine\ORM\PersistentCollection {#4299 …}
+votes: Doctrine\ORM\PersistentCollection {#4301 …}
+reports: Doctrine\ORM\PersistentCollection {#4303 …}
+favourites: Doctrine\ORM\PersistentCollection {#4305 …}
+notifications: Doctrine\ORM\PersistentCollection {#4307 …}
-id: 262216
-bodyTs: "'443':149,177 '800':259 'access':28,131,208 'access/privilege/connectivity':114 'action':336 'admin':94 'administr':24 'anyth':21,166 'attack':143 'attempt':67 'autom':50 'avail':31,156,242,316 'basic':236 'block':63 'bot':84,260 'break':263 'cloudflar':290 'commit':348 'compil':340 'comput':110 'configur':17,61,337 'consol':95 'control':25 'default':39 'deploy':344 'dissuad':142 'els':167 'enabl':10,52,134,147,170 'enough':5 'ensur':58 'even':53,96 'everi':135,219,228 'everyth':116,125 'exampl':304 'fail':65 'far':119 'feel':182 'file':211 'fine':4,246 'firewal':191 'first':254 'folder':226 'forward':174 'front':292 'fun':22 'get':74,83,193,333 'github':294,335 'give':215 'go':72 'good':104 'great':303 'hackerman':75 'happen':349 'hole':309 'howev':284 'hugo':300 'ideal':16 'keep':138 'like':23,299,326 'listen':277 'littl':252 'll':2,82,198,214,248,339 'local':34 'lock':115 'login':66,90 'long':7,232 'make':46,127 'mfa':11 'minim':113 'minor':55 'multipl':64 'nas':14,152,180 'need':165,206 'network':35 'nice':352 'noth':276 'one':204,210 'open':306 'page':295 'part':45 'peopl':139,188 'person':286 'poke':76 'poop':250 'port':148,160,176 'possibl':129,311 'privileg':217 'probabl':70 'public':155 'put':289 're':69,99,235,269 'read':207 'read/write/execute':216 'recip':328 'rememb':266 'remot':27 'router':172 'rule':105 'say':185 'secur':41,109 'see':257 'sensibl':38,237 'silli':183 'site':325,342 'someth':298 'sometim':187 'ssh':87 'static':324 'still':249 'stuff':79,330 'subfold':229 'suggest':288 'sure':47 'synolog':36 'system':223 'think':189 'thumb':107 'time':255 'tool':136,241,315 'tri':85,261,283 'turn':123,199 'updat':51,56 'use':101,239,297,313 'user':205,220 'way':196 'whenev':346 'wordpress':93,102 'write':279"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6915143"
+editedAt: null
+createdAt: DateTimeImmutable @1703860115 {#4292
date: 2023-12-29 15:28:35.0 +01:00
}
} |
|
Show voter details
|
| 141 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 142 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4369
+user: App\Entity\User {#4382 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "If it’s a static site, you can host that anywhere for free on the big cloud providers, aws has s3 storage, Microsoft has blobs, github has pages, all which can be configured to run a site well under the paid tiers."
+lang: "en"
+isAdult: false
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1703858279 {#4364
date: 2023-12-29 14:57:59.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4370 …}
+nested: Doctrine\ORM\PersistentCollection {#4372 …}
+votes: Doctrine\ORM\PersistentCollection {#4374 …}
+reports: Doctrine\ORM\PersistentCollection {#4376 …}
+favourites: Doctrine\ORM\PersistentCollection {#4378 …}
+notifications: Doctrine\ORM\PersistentCollection {#4380 …}
-id: 262145
-bodyTs: "'anywher':11 'aw':19 'big':16 'blob':25 'cloud':17 'configur':33 'free':13 'github':26 'host':9 'microsoft':23 'page':28 'paid':41 'provid':18 'run':35 's3':21 'site':6,37 'static':5 'storag':22 'tier':42 'well':38"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291337"
+editedAt: null
+createdAt: DateTimeImmutable @1703858279 {#4365
date: 2023-12-29 14:57:59.0 +01:00
}
} |
|
Show voter details
|
| 143 |
DENIED
|
edit
|
App\Entity\EntryComment {#4369
+user: App\Entity\User {#4382 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "If it’s a static site, you can host that anywhere for free on the big cloud providers, aws has s3 storage, Microsoft has blobs, github has pages, all which can be configured to run a site well under the paid tiers."
+lang: "en"
+isAdult: false
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1703858279 {#4364
date: 2023-12-29 14:57:59.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4370 …}
+nested: Doctrine\ORM\PersistentCollection {#4372 …}
+votes: Doctrine\ORM\PersistentCollection {#4374 …}
+reports: Doctrine\ORM\PersistentCollection {#4376 …}
+favourites: Doctrine\ORM\PersistentCollection {#4378 …}
+notifications: Doctrine\ORM\PersistentCollection {#4380 …}
-id: 262145
-bodyTs: "'anywher':11 'aw':19 'big':16 'blob':25 'cloud':17 'configur':33 'free':13 'github':26 'host':9 'microsoft':23 'page':28 'paid':41 'provid':18 'run':35 's3':21 'site':6,37 'static':5 'storag':22 'tier':42 'well':38"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291337"
+editedAt: null
+createdAt: DateTimeImmutable @1703858279 {#4365
date: 2023-12-29 14:57:59.0 +01:00
}
} |
|
Show voter details
|
| 144 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4369
+user: App\Entity\User {#4382 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "If it’s a static site, you can host that anywhere for free on the big cloud providers, aws has s3 storage, Microsoft has blobs, github has pages, all which can be configured to run a site well under the paid tiers."
+lang: "en"
+isAdult: false
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1703858279 {#4364
date: 2023-12-29 14:57:59.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4370 …}
+nested: Doctrine\ORM\PersistentCollection {#4372 …}
+votes: Doctrine\ORM\PersistentCollection {#4374 …}
+reports: Doctrine\ORM\PersistentCollection {#4376 …}
+favourites: Doctrine\ORM\PersistentCollection {#4378 …}
+notifications: Doctrine\ORM\PersistentCollection {#4380 …}
-id: 262145
-bodyTs: "'anywher':11 'aw':19 'big':16 'blob':25 'cloud':17 'configur':33 'free':13 'github':26 'host':9 'microsoft':23 'page':28 'paid':41 'provid':18 'run':35 's3':21 'site':6,37 'static':5 'storag':22 'tier':42 'well':38"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6291337"
+editedAt: null
+createdAt: DateTimeImmutable @1703858279 {#4365
date: 2023-12-29 14:57:59.0 +01:00
}
} |
|
Show voter details
|
| 145 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 146 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4442
+user: App\Entity\User {#4455 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "If you’re exposing via cloudflare tunnels instead of pointing at your public IP then eveything other people have said covers it. If you are using your public IP then it’s worth blocking non-cloudflare IPs from accessing the site directly"
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703902670 {#4437
date: 2023-12-30 03:17:50.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4443 …}
+nested: Doctrine\ORM\PersistentCollection {#4445 …}
+votes: Doctrine\ORM\PersistentCollection {#4447 …}
+reports: Doctrine\ORM\PersistentCollection {#4449 …}
+favourites: Doctrine\ORM\PersistentCollection {#4451 …}
+notifications: Doctrine\ORM\PersistentCollection {#4453 …}
-id: 263807
-bodyTs: "'access':40 'block':34 'cloudflar':6,37 'cover':21 'direct':43 'eveyth':16 'expos':4 'instead':8 'ip':14,29,38 'non':36 'non-cloudflar':35 'peopl':18 'point':10 'public':13,28 're':3 'said':20 'site':42 'tunnel':7 'use':26 'via':5 'worth':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5461539"
+editedAt: null
+createdAt: DateTimeImmutable @1703902670 {#4438
date: 2023-12-30 03:17:50.0 +01:00
}
} |
|
Show voter details
|
| 147 |
DENIED
|
edit
|
App\Entity\EntryComment {#4442
+user: App\Entity\User {#4455 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "If you’re exposing via cloudflare tunnels instead of pointing at your public IP then eveything other people have said covers it. If you are using your public IP then it’s worth blocking non-cloudflare IPs from accessing the site directly"
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703902670 {#4437
date: 2023-12-30 03:17:50.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4443 …}
+nested: Doctrine\ORM\PersistentCollection {#4445 …}
+votes: Doctrine\ORM\PersistentCollection {#4447 …}
+reports: Doctrine\ORM\PersistentCollection {#4449 …}
+favourites: Doctrine\ORM\PersistentCollection {#4451 …}
+notifications: Doctrine\ORM\PersistentCollection {#4453 …}
-id: 263807
-bodyTs: "'access':40 'block':34 'cloudflar':6,37 'cover':21 'direct':43 'eveyth':16 'expos':4 'instead':8 'ip':14,29,38 'non':36 'non-cloudflar':35 'peopl':18 'point':10 'public':13,28 're':3 'said':20 'site':42 'tunnel':7 'use':26 'via':5 'worth':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5461539"
+editedAt: null
+createdAt: DateTimeImmutable @1703902670 {#4438
date: 2023-12-30 03:17:50.0 +01:00
}
} |
|
Show voter details
|
| 148 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4442
+user: App\Entity\User {#4455 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "If you’re exposing via cloudflare tunnels instead of pointing at your public IP then eveything other people have said covers it. If you are using your public IP then it’s worth blocking non-cloudflare IPs from accessing the site directly"
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1703902670 {#4437
date: 2023-12-30 03:17:50.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4443 …}
+nested: Doctrine\ORM\PersistentCollection {#4445 …}
+votes: Doctrine\ORM\PersistentCollection {#4447 …}
+reports: Doctrine\ORM\PersistentCollection {#4449 …}
+favourites: Doctrine\ORM\PersistentCollection {#4451 …}
+notifications: Doctrine\ORM\PersistentCollection {#4453 …}
-id: 263807
-bodyTs: "'access':40 'block':34 'cloudflar':6,37 'cover':21 'direct':43 'eveyth':16 'expos':4 'instead':8 'ip':14,29,38 'non':36 'non-cloudflar':35 'peopl':18 'point':10 'public':13,28 're':3 'said':20 'site':42 'tunnel':7 'use':26 'via':5 'worth':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.uk/comment/5461539"
+editedAt: null
+createdAt: DateTimeImmutable @1703902670 {#4438
date: 2023-12-30 03:17:50.0 +01:00
}
} |
|
Show voter details
|
| 149 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 150 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4516
+user: App\Entity\User {#4529 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I’m definitely a fan of Gitlab pages for simple webpages I just want on the Internet. It’s nice to have the code hosted anyways (gives me that off site back up safety so my stuff at home can go down if needed)."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1704013917 {#4511
date: 2023-12-31 10:11:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4517 …}
+nested: Doctrine\ORM\PersistentCollection {#4519 …}
+votes: Doctrine\ORM\PersistentCollection {#4521 …}
+reports: Doctrine\ORM\PersistentCollection {#4523 …}
+favourites: Doctrine\ORM\PersistentCollection {#4525 …}
+notifications: Doctrine\ORM\PersistentCollection {#4527 …}
-id: 266994
-bodyTs: "'anyway':26 'back':32 'code':24 'definit':3 'fan':5 'gitlab':7 'give':27 'go':41 'home':39 'host':25 'internet':17 'm':2 'need':44 'nice':20 'page':8 'safeti':34 'simpl':10 'site':31 'stuff':37 'want':14 'webpag':11"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6954617"
+editedAt: null
+createdAt: DateTimeImmutable @1704013917 {#4512
date: 2023-12-31 10:11:57.0 +01:00
}
} |
|
Show voter details
|
| 151 |
DENIED
|
edit
|
App\Entity\EntryComment {#4516
+user: App\Entity\User {#4529 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I’m definitely a fan of Gitlab pages for simple webpages I just want on the Internet. It’s nice to have the code hosted anyways (gives me that off site back up safety so my stuff at home can go down if needed)."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1704013917 {#4511
date: 2023-12-31 10:11:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4517 …}
+nested: Doctrine\ORM\PersistentCollection {#4519 …}
+votes: Doctrine\ORM\PersistentCollection {#4521 …}
+reports: Doctrine\ORM\PersistentCollection {#4523 …}
+favourites: Doctrine\ORM\PersistentCollection {#4525 …}
+notifications: Doctrine\ORM\PersistentCollection {#4527 …}
-id: 266994
-bodyTs: "'anyway':26 'back':32 'code':24 'definit':3 'fan':5 'gitlab':7 'give':27 'go':41 'home':39 'host':25 'internet':17 'm':2 'need':44 'nice':20 'page':8 'safeti':34 'simpl':10 'site':31 'stuff':37 'want':14 'webpag':11"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6954617"
+editedAt: null
+createdAt: DateTimeImmutable @1704013917 {#4512
date: 2023-12-31 10:11:57.0 +01:00
}
} |
|
Show voter details
|
| 152 |
DENIED
|
moderate
|
App\Entity\EntryComment {#4516
+user: App\Entity\User {#4529 …}
+entry: App\Entity\Entry {#2412
+user: Proxies\__CG__\App\Entity\User {#1970 …}
+magazine: App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
+slug: "How-safe-is-self-hosting-a-public-website-behind-Cloudflare"
+title: "How safe is self-hosting a public website behind Cloudflare?"
+url: null
+body: """
I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.\n
\n
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?\n
\n
In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.\n
\n
Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 37
+favouriteCount: 113
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1710850621 {#2410
date: 2024-03-19 13:17:01.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1884 …}
+votes: Doctrine\ORM\PersistentCollection {#1973 …}
+reports: Doctrine\ORM\PersistentCollection {#1959 …}
+favourites: Doctrine\ORM\PersistentCollection {#1927 …}
+notifications: Doctrine\ORM\PersistentCollection {#2442 …}
+badges: Doctrine\ORM\PersistentCollection {#2440 …}
+children: []
-id: 25623
-titleTs: "'behind':10 'cloudflar':11 'host':6 'public':8 'safe':2 'self':5 'self-host':4 'websit':9"
-bodyTs: "'access':131 'actual':33 'avail':82 'behind':97 'blog':18,90 'call':173 'cloudflar':64,101,165 'constant':7 'contain':95 'docker':62,94 'domain':56 'els':45 'enough':107,118 'everyon':144 'everyth':126 'familiar':59 'find':8 'first':170 'get':127 'github':163 'go':157 'help':149 'host':47,79 'hurt':76 'insert':88 'isol':112 'know':117 'level':108 'look':161 'm':156 'name':57 'nas':53,86,135 'need':176 'often':12 'open':69 'page':167 'paranoid':124 'pay':43 'peopl':15 'platform':91 'pop':128 'port':171 'problem':11 'protect':102,110 'provid':130 'public':81 'realli':148 'reassur':152 'repli':143 'simpl':89 'solut':9 'someon':44 'somewhat':151 'somewher':27 'sort':99 'start':34 'sweet':55 'synolog':52 'tech':4,17 'thank':140 'theori':104 'think':21,154 'tunnel':65 'updat':139 'use':87 've':146 'want':31,41 'websit':83 'well':29 'whole':138 'wider':134 'work':2 'world':74 'would':66 'write':24"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1703943518
+visibility: "visible "
+apId: "https://feddit.uk/post/6114725"
+editedAt: DateTimeImmutable @1709383228 {#1850
date: 2024-03-02 13:40:28.0 +01:00
}
+createdAt: DateTimeImmutable @1703857118 {#2420
date: 2023-12-29 14:38:38.0 +01:00
}
}
+magazine: App\Entity\Magazine {#266}
+image: null
+parent: null
+root: null
+body: "I’m definitely a fan of Gitlab pages for simple webpages I just want on the Internet. It’s nice to have the code hosted anyways (gives me that off site back up safety so my stuff at home can go down if needed)."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1704013917 {#4511
date: 2023-12-31 10:11:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@TedZanzibar@feddit.uk"
]
+children: Doctrine\ORM\PersistentCollection {#4517 …}
+nested: Doctrine\ORM\PersistentCollection {#4519 …}
+votes: Doctrine\ORM\PersistentCollection {#4521 …}
+reports: Doctrine\ORM\PersistentCollection {#4523 …}
+favourites: Doctrine\ORM\PersistentCollection {#4525 …}
+notifications: Doctrine\ORM\PersistentCollection {#4527 …}
-id: 266994
-bodyTs: "'anyway':26 'back':32 'code':24 'definit':3 'fan':5 'gitlab':7 'give':27 'go':41 'home':39 'host':25 'internet':17 'm':2 'need':44 'nice':20 'page':8 'safeti':34 'simpl':10 'site':31 'stuff':37 'want':14 'webpag':11"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://sh.itjust.works/comment/6954617"
+editedAt: null
+createdAt: DateTimeImmutable @1704013917 {#4512
date: 2023-12-31 10:11:57.0 +01:00
}
} |
|
Show voter details
|
| 153 |
DENIED
|
edit
|
App\Entity\Magazine {#266
+icon: Proxies\__CG__\App\Entity\Image {#247 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#276
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#238 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#234 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#223 …}
+entries: Doctrine\ORM\PersistentCollection {#181 …}
+posts: Doctrine\ORM\PersistentCollection {#139 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#201 …}
+bans: Doctrine\ORM\PersistentCollection {#118 …}
+reports: Doctrine\ORM\PersistentCollection {#104 …}
+badges: Doctrine\ORM\PersistentCollection {#82 …}
+logs: Doctrine\ORM\PersistentCollection {#72 …}
+awards: Doctrine\ORM\PersistentCollection {#61 …}
+categories: Doctrine\ORM\PersistentCollection {#1820 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#270
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#272
date: 2023-12-25 04:10:26.0 +01:00
}
} |
|
Show voter details
|