I had already set up a few websites before this day, but always ended up taking those down due to such small need, even though hosting costs for various services are fairly low nowadays.
This time I tried different approach. I ran out of space on my 1TB cloud storage service that I pay each month to store my files. The space running out was one problem, the other one was the constant though of needing to rely on, and to trust to, the 3rd party service provider. I had a wish to store my own files on my own server, and being able to upload and access those files anywhere anytime.
So, after giving it a thought, I decided to purchase a NAS with at least four bays for hard drives to be able to have either RAID 5 or RAID 6 on it.
Along with having my own “cloud”, the interface gave an opportunity to host one’s own website. Of course that means enabling port forwarding in the router settings, and I had been very strict about restricting almost everything that contained any risks having vulnerabilities. However, my passion about cyber security has made sure that at least I know how to minimize those risks when allowing to do port forwarding.
For example, I made sure to use long and strong passwords on each service, not being found on most popular password dictionaries, or need to be afraid of brute force working. Second thing was to enable automatic updates regarding router and NAS firmware, and also the software running on NAS. Third thing was to use the diagnose tool of NAS to see if it finds any high security risks and taking those holes down one by one. Fourth was to get rid of default admin user. Fifth was to enable MFA. Sixth was to blacklist automatically IP addresses that have too many attempts to login. Seventh was to do an aggressive scanning to my own public IP address, as that is totally fine and legal, I made sure that I liked what I saw.
Now, besides having NAS storage, I self-host my own website for free. I created and use my own SSL certificate. These contain some risks, but being aware of those risks and knowing things about basic cyber security, I decided to go for it.
Leave a Reply