←back to thread

Hosting a website on a disposable vape

(bogdanthegeek.github.io)
1386 points BogdanTheGeek | 1 comments | 15 Sep 25 17:53 UTC | HN request time: 0.337s | source
Show context
dudeWithAMood ◴[14 Sep 25 23:52 UTC] No.45244542[source]
What were you doing to get traffic from the open Internet to your webserver at home? I always felt that was a risky proposition, but I might just be stupid.
replies(7): >>45244576 #>>45244600 #>>45244883 #>>45244898 #>>45245346 #>>45246601 #>>45248192 #
1. mysteria ◴[15 Sep 25 02:10 UTC] No.45245346[source]
I've hosted at home for years and if you have it properly setup it's not any more risky than using a VPS. I have 443 open on my router and basically all web traffic is routed to a container on my server. The container is on an isolated vlan and basically runs nginx as a ssl reverse proxy.

The actual web services behind the proxy run in their own containers and with proper isolation and firewall rules the effects of a security compromise are limited. At most an attacker will be able to take over the containers with an exploit (and they could do that with a VPS as well) but they won't be able to access the rest of the network or my secure internal systems.

If I was this guy and wanted to let people connect directly to my vapeserver I would simply host it on another vlan and port forward the HTTP connection. Even if someone manages to take over such an obscure system they're not going to be able to do much.