Supposing that they, y’know, try to keep their setups secure anyway. With how much you see about breaches of different sites, it’s hard to imagine individuals and smaller groups being able to keep their stuff secure.
Although, they may also benefit from being lower value targets in some respects, I suppose?
I use Cloudflare as my ingress point. They have a lot of features to provide security against a wide variety of attacks.
The answer for this one is the zero trust platform, use it to restrict only what you want to allow in email or ip address. Just make sure that the machine that is hosting the service isn’t exposing outside of cloudflare.
Edit: Also make sure you are backing up remember 3-2-1 for your backups.
💯 the Zero Trust platform is amazing. Cloudflare tunnels + access is my go-to for exposing services.