Self Hosted - Self-hosting your services.

11419 readers

1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules

No harassment
crossposts from c/Open Source & c/docker & related may be allowed, depending on context
Video Promoting is allowed if is within the topic.
No spamming.
Stay friendly.
Follow the lemmy.ml instance rules.
Tag your post. (Read under)

Important

Beginning of January 1st 2024 this rule WILL be enforced. Posts that are not tagged will be warned and if not fixed within 24h then removed!

Lemmy doesn't have tags yet, so mark it with [Question], [Help], [Project], [Other], [Promoting] or other you may think is appropriate.

Cross-posting

!everything_git@lemmy.ml is allowed!
!docker@lemmy.ml is allowed!
!portainer@lemmy.ml is allowed!
!fediverse@lemmy.ml is allowed if topic has to do with selfhosting.
!selfhosted@lemmy.ml is allowed!

If you see a rule-breaker please DM the mods!

founded 3 years ago

MODERATORS

Zoe8338@lemmy.ml

dogmuffins@lemmy.ml

testman@lemmy.ml

Using a VPN provider vs self-hosting a VPN (mander.xyz)

submitted 2 years ago* (last edited 2 years ago) by Sal@mander.xyz to c/selfhost@lemmy.ml

23 comments fedilink hide all child comments

I have seen the following argument (summarized here as I understand it):

Despite the promises that VPN providers make, it is known that they will often monitor your traffic, collect logs, might share your information, and will collaborate with law enforcement. Renting a VPS and running an OpenVPN server on it and using that as your VPN, is better - because you have full control over the logs. Let's assume we trust the VPS provider to adhere to their TOS and privacy policy.

To talk about a concrete typical usecase, I am thinking about how this applies to downloading illegal torrents. In my current view, the only scenario in which the self-hosted option makes sense is if you pay for hosting using crypto and reveal no personal information during the process. Otherwise using a VPS would be virtually the same as downloading it through your ISP - and in some cases even worse - because the VPS provider might be more easily pushed to throwing you under the bus if abuse is reported since this might be a TOS violation. On the other hand, a VPN provider has a much larger motivation to protect users against this because the way that users perceive these protections is fundamental to their business model.

So, is there a reason to self-host a VPN instead of using a VPN provider? If so, should the VPS be acquired anonymously, or are there ways to protect yourself while using a provider that you gave your personal information to?

you are viewing a single comment's thread
view the rest of the comments

[–] kromonos@fapsi.be 3 points 2 years ago (3 children)

I'm running 2 OpenVPN server. One on a VPS in Canada and one in Germany. The main purpose is to lock admin pages to a fix IP to increase security.
I always avoid the supposedly secure, paid VPN services, because you never know what is really recorded there. At least, you run your entire Internet traffic over it. And with these prices, you can almost lease a small VPS, install OpenVPN and browse through it.

[–] Sal@mander.xyz 2 points 2 years ago (2 children)

The main purpose is to lock admin pages to a fix IP to increase security.

What does that mean? Do you mean that you do this to have a static IP pointing to an admin page? Why does that increase security? Please forgive my ignorance 😅

At least, you run your entire Internet traffic over it. And with these prices, you can almost lease a small VPS, install OpenVPN and browse through it.

I spun an OpenVPN server today using the Nyr OpenVPN install script and it took less than 5 minutes. It is very easy to do! Now I am trying to decide whether it is worth keeping it.

[–] kromonos@fapsi.be 2 points 2 years ago* (last edited 2 years ago) (1 children)

Do you mean that you do this to have a static IP pointing to an admin page? Why does that increase security?

Exactly this. You can configure nginx/apache this way, that specific pages, like an admin interface, are only reachable from a specific IP range. If it comes from another one, you can return whatever you want.
It increases security in this way, that crawler don't even get known about such administrative pages and there's no way to brute-force the login.

Edit: Thanks for the tip with Nyr OpenVPN.

[–] Sal@mander.xyz 2 points 2 years ago

Exactly this. You can configure nginx/apache this way, that specific pages, like an admin interface, are only reachable from a specific IP range. If it comes from another one, you can return whatever you want.

Aah, that's very smart. Thanks for explaining!