I understand that people enter the world of self hosting for various reasons. I am trying to dip my toes in this ocean to try and get away from privacy-offending centralised services such as Google, Cloudflare, AWS, etc.

As I spend more time here, I realise that it is practically impossible; especially for a newcomer, to setup any any usable self hosted web service without relying on these corporate behemoths.

I wanted to have my own little static website and alongside that run Immich, but I find that without Cloudflare, Google, and AWS, I run the risk of getting DDOSed or hacked. Also, since the physical server will be hosted at my home (to avoid AWS), there is a serious risk of infecting all devices at home as well (currently reading about VLANS to avoid this).

Am I correct in thinking that avoiding these corporations is impossible (and make peace with this situation), or are there ways to circumvent these giants and still have a good experience self hosting and using web services, even as a newcomer (all without draining my pockets too much)?

Edit: I was working on a lot of misconceptions and still have a lot of learn. Thank you all for your answers.

  • BearOfaTime@lemm.ee
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    19
    ·
    4 months ago

    What?

    I’ve popped up a web server and within a day had so many hits on the router (thousands per minute) that performance tanked.

    Yea, no, any exposed service will get hammered. Frankly I’m surprised that machine I setup didn’t get hacked.

    • poVoq@slrpnk.net
      link
      fedilink
      English
      arrow-up
      32
      ·
      4 months ago

      Don’t leave SSH on port 22 open as there are a lot of crawlers for that, otherwise I really can’t say I share your experience, and I have been self-hosting for years.

      • youmaynotknow@lemmy.ml
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        2
        ·
        4 months ago

        Am I missing something? Why would anyone leave SSH open outside the internal network?

        All of my services have SSH disabled unless I need to do something, and then I only do it locally, and disable as soon as I’m done.

        Note that I don’t have a VPS anywhere.

          • youmaynotknow@lemmy.ml
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            4 months ago

            My firewall, server, NAS and all my services have web GUIs. If I need SSH access all I have to do is enable it via web GUI, do what I need to, disable again.

            If push comes to shove, I do have a portable monitor and a keyboard in storage if needed, but have not had the need to use them yet.

        • poVoq@slrpnk.net
          link
          fedilink
          English
          arrow-up
          6
          ·
          4 months ago

          Some people want to be able to reach their server via SSH when they are not at home, but yes I agree in general that is not necessary when running a real home server.

          • youmaynotknow@lemmy.ml
            link
            fedilink
            English
            arrow-up
            2
            ·
            4 months ago

            Yeah, I guess I’ve never needed to do that. That may change as I’m thinking of moving all my services from UnRaid to ProxMox to leave UnRaid for storage only.

            I guess that’ll bring me back here soon enough.

    • Count042@lemmy.ml
      link
      fedilink
      English
      arrow-up
      8
      ·
      4 months ago

      I’ve been self-hosting a bunch of stuff for over a decade now, and have not had that issue.

      Except for a matrix server with open registration for a community that others not in the community started to use.

      • Auli@lemmy.ca
        link
        fedilink
        English
        arrow-up
        2
        ·
        4 months ago

        Yes my biggest mistake was leaving a vps dns server wide open. It took months for it to get abused though.

    • Omgboom@lemmy.zip
      link
      fedilink
      English
      arrow-up
      2
      ·
      4 months ago

      You left stuff exposed is the only explanation. I’ve had services running for years without a problem

    • MangoPenguin@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      4 months ago

      I can’t say I’ve seen anything like that on the webservers I’ve exposed to the internet. But it could vary based on the IP you have if it’s a target for something already I suppose.

      Frankly I’m surprised that machine I setup didn’t get hacked.

      How could it if all you had was a basic webserver running?