Like the title says, I’m new to self hosting world. 😀 while I was researching, I found out that many people dissuaded me to self host email server. Just too complicated and hard to manage. What other services that you think we should just go use the currently available providers in the market and why? 🙂thank you
I’ll leave with this. ANY service exposed publicly or not should not have vulnerabilities. If there is any hint that your NAS webserver has vulnerabilities, it shouldn’t even be used internally. So to me, it does not matter. I don’t expose my NAS webserver because I have no reason to increase my attack surface that wide.
But I’m comfortable exposing any of my internal services as needed because I’ve personally checked the source code for vulnerabilities, and have proper checks in place on top of regular security updates. I understand why others wouldn’t think the same way, as this takes a high level of confidence in your ability to assess the security posture of your systems and network. I’ve had penetration tests in my network, conduct them myself for business.
It would be nice if we, and apps’ developers, always knew what the vulnerabilities are. They generally exist because the developer doesn’t know about them yet, or hasn’t found a solution yet (though ideally has been transparent about that). Zero-day exploits happen. There’s always a first person or group discovering a flaw.
If being up to date and using SSL was all it took, security would be a lot simpler.
No one security measure is ever foolproof, other than taking everything offline. But multiple used in tandem make it somewhere between inconveniently and impractically difficult to breach a system.