How do self-hosters or smaller sites handle security?

ElectroVagrant@lemmy.world to No Stupid Questions@lemmy.world – 27 points –

Supposing that they, y'know, try to keep their setups secure anyway. With how much you see about breaches of different sites, it's hard to imagine individuals and smaller groups being able to keep their stuff secure.

Although, they may also benefit from being lower value targets in some respects, I suppose?

17

You are viewing a single comment

I use Cloudflare as my ingress point. They have a lot of features to provide security against a wide variety of attacks.

The answer for this one is the zero trust platform, use it to restrict only what you want to allow in email or ip address. Just make sure that the machine that is hosting the service isn’t exposing outside of cloudflare.

Edit: Also make sure you are backing up remember 3-2-1 for your backups.

💯 the Zero Trust platform is amazing. Cloudflare tunnels + access is my go-to for exposing services.

I see Cloudflare suggested a lot & can understand why (they appear to be maybe one of the only services that has a free option), but are there no affordable alternatives in this space? I ask as I'm reminded of the Docker situation in terms of Docker Hub's frequent suggestion and potential to throw folks off should they start limiting & charging for use.