I have been running a large server 24/7 for about a month and a half now. It is only for myself and the fam, no one else has access to it at all.
I’m trying to learn about selfhosting and whatnot, but it’s…a lot. Is there anything I need to do specifically besides configuring it correctly in order to protect it and myself. I hear people talking about putting stuff in dockers, putting things behind a reverse proxy, a VPN, etc.
I do currently have it running behind ProtonVPN but that’s it. Do I need to be doing more?
Thanks in advance for any help!
Hobbyist (not a security expert here) but using a VPN that’s trusted should be fine. Your security hinges on proton’s reputation but from what I know they’re pretty good. If I’m wrong please correct me in the comments and I will edit this comment.
I’ve used the services of at least 9 or 10 VPNs over the years and I have not once been as satisfied with any of them as I am with Proton.
For only external vpns mullvad is pretty good. Also, tailscale is free and their node-based system is really good.
As an all-in-one solution proton is pretty much as good as it gets from what I’ve seen. One of my friends swears by it as well.
It really does seem that the only step up in security is deploying a wireguard or ovpn server yourself, which is a little more complex. Not arch Linux levels of complexity, but intermediate tinkerer levels of complexity.
I stopped doing it because maintaining that shit and debugging it everytime it breaks just sucks. Tailscale is easier. Still not happy with the amount of trust I put into tailscale though.