Global namespace extremist. Defragment your communities!

  • 0 Posts
  • 25 Comments
Joined 1 year ago
Cake day: June 12th, 2023
  • deafboy@lemmy.worldtoSelfhosted@lemmy.worldEmail wowsers continueEnglish
    10·
    3 months ago

    Gmail offers imap amd smtp access. You have to enable 2FA, and then it will allow you to create account for so called “less secure apps”.

    In your place, I’d either continue using gmail directly, or finish the configuration of the self hosted mail server and just use that with any smtp/imap client. I suggest getting a separate domain for testing first, before moving your primary inbox there.

  • deafboy@lemmy.worldtoSelfhosted@lemmy.worldSSH Remote Access NO Port-Forwarding NO Cloudflare | 4rkalEnglish
    2·
    3 months ago

    you still need good security configuration of the exposed service.

    In a sense that security comes in layers, yes. But in practice, this setup will prevent 100% of bots scanning the internet for exposed services, and absolute majority of possible targeted attacks as well. It’s like using any other 3rd party VPN, except there’s not a central point for the traffic to flow through.

    From the attackers point of view, nothing is listening there.

    I’ve used a similar setup in the past to access a device behind a NAT (possibly multiple NATs) and a dynamic IPv4. Looking back, that ISP was a pure nightmare.

  • deafboy@lemmy.worldtoNews@lemmy.worldInside the 'Nightmare' Health Crisis of a Texas Bitcoin TownEnglish
    312·
    4 months ago

    rest of it reads like a copy-paste about the dangers of 5G cell towers

    I was just about to say boo-hoo, a dog gone bald, but 85 decibels measured from outside your window is brutal. There’s a reason these farms are mostly built in the middle of the desert, on the oil fields, or near a dam, with no residential housing nearby.

    Yeah, every medical emergency in town will be blamed on Mara from now on, but I’m not even mad. They’ve got themselves into this mess. For those who don’t know, they’ve built their entire marketing on being compliant with regulations :D

    The whole thing is awfully similar to the wind turbine controversy. The reasonable people spend years assuring the public that the windmills are not going to kill them, and then somebody comes up and says “Great! We’re gonna build our windfarm right next to these houses”.

  • deafboy@lemmy.worldtoSelfhosted@lemmy.worldIs it practically impossible for a newcomer selfhost without using centralised services, and get DDOSed or hacked?English
    3·
    5 months ago

    Of course security comes with layers, and if you’re not comfortable hosting services publically, use a VPN.

    However, 3 simple rules go a long way:

    1. Treat any machine or service on a local network as if they were publically accesible. That will prevent you from accidentally leaving the auth off, or leaving the weak/default passwords in place.

    2. Install services in a way that they are easy to patch. For example, prefer phpmyadmin from debian repo instead of just copy pasting the latest official release in the www folder. If you absolutely need the latest release, try a container maintained by a reasonable adult. (No offense to the handful of kids I’ve known providing a solid code, knowledge and bugreports for the general public!)

    3. Use unattended-upgrades, or an alternative auto update mechanism on rhel based distros, if you don’t want to become a fulltime sysadmin. The increased security is absolutely worth the very occasional breakage.

    4. You and your hardware are your worst enemies. There are tons of giudes on what a proper backup should look like, but don’t let that discourage you. Some backup is always better than NO backup. Even if it’s just a copy of critical files on an external usb drive. You can always go crazy later, and use snapshotting abilities of your filesystem (btrfs, zfs), build a separate backupserver, move it to a different physical location… sky really is the limit here.