So far, my self-hosting has been limited to Pi-Hole, and a static website. I now want to try out something new, an Immich server.
I have a static IP from my ISP, so I don’t need to rent out a VPS. However, given that this IS a home internet, I want to be extra sure that it is going to be secure.
In my existing website, I use Fail2Ban + BadBotBlocker + Anubis + Nginx rate limits to protect it from scrapers, bots and malicious users, and it works well. With photos (especially family photos) at stake, I just want to know more on how to protect my server.
Add: thanks for the helpful replies. I will be sharing the photos with family, many of whom live abroad.
I just use a WireGuard VPN. Makes it so much more simpler. At this point I don’t think I’ll ever expose anything to the public internet, seems like too much of a headache.
This is the way. And if you need to give someone outside of your home access, generate a VPN token for them to access your intranet and you’re golden. (And if you fall out, you revoke the token)