Well for one its not as automatic as it sounds. Basic protections will get you far. I have a minecraft server exposed but it only accepts connections from 3 specific places. Remember its the same as ever other real life deterrant, make yourself less of a target than the next guy. It also really helps not having juicy company data on your network. Home networks are way less of a target because you dont have any fine booty to loot.
this post was submitted on 25 Jan 2026
146 points (98.0% liked)
Selfhosted
56958 readers
662 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
-
No low-effort posts. This is subjective and will largely be determined by the community member reports.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
Would something like Anubis or Iocaine prevent what you're worried about?
I haven't used either, but from what I understand they're both lightweight programs to prevent bot scraping. I think Anubis analyzes web traffic and blocks bots when detected, and Iocaine does something similar but also creates a maze of garbage data to redirect those bots into, in order to poison the AI itself and consume excessive resources on the end of the companies attempting to scrape the data.
Obviously what others have said about firewalls, VPNs, and antivirus still applies; maybe also a rootkit hunter and Linux Malware Detect? I'm still new to this though, so you probably know more about all that than I do. Sorry if I'm stating the obvious.
Not sure if this is overkill but maybe Network Security Toolkit might have some helpful tools as well?
It's all about server hardening. See https://blog.melroy.org/2023/server-hardening/
Wow is that ever a load of snake oil.
I see this kind of guide as actively harmful because it creates a false sense of security.
load more comments
(3 replies)
Tailscale on everything
- routine patching
- siem log aggregation
- proper alerting metrics and notifications
- routine virus scanning
- proper network segregation between your NATd network and your personal network
- firewall firewall firewall
- expose your applications to the internet through a WAF, never directly
if you can do all these things properly, then there shouldn't be too much danger in selfhosting your apps publicly.