• 2 Posts
  • 549 Comments
Joined 1 year ago
cake
Cake day: July 3rd, 2023

help-circle














  • Encrypt-Keeper@lemmy.worldtoTechnology@lemmy.worldWhat the hell Proton!
    link
    fedilink
    English
    arrow-up
    21
    arrow-down
    1
    ·
    9 days ago

    No, the context is that for many years, shady commercial VPNs would sponsor YouTubers and the scripts they were given were full of lies and half truths about the dangers of public WiFi, with the implication being that if you purchase their VPN service they will “protect you”. But the problems these VPN companies were claiming to solve have already been solved by HTTPS and it’s perfectly fine to use public WiFi without a VPN. They are using scare tactics to sell you a product.

    What this poster is saying is that they’re disappointed to see this same fear mongering misinformation from Proton, who have an otherwise good reputation for being consumer friendly.


  • There’s nothing wrong with just using a VPS for this. Despite what some mouth-frothing hobbyists will tell you, it’s still well within the realm of self hosting. There’s just no reason or difference for hosting a blog on your UnRAID server vs a VPS.

    If you really want to be some kind of purist and only use your own hardware, then you could configure a web server that can reverse proxy on your UnRAID server and forward port 443 in your router to your UnRAID box, but you’d have to change your UnRAID access port to something else. You’d want to keep this web server docker container up to date, and preferably see if you can implement some kind of WAF with it or in front of it. You’d then forward the requests from this web server to your ghost container.

    A better idea would be to use a different piece of hardware for this web server reverse proxy, like a raspberry pi or something, and put it on a different subnet in your house. Forward 443 to that, then proxy the connection back to UnRAID, in whatever port you bind the ghost container to. Then you can tighten access that raspberry pi has. Or hell, host the blog on that hardware as well and don’t allow any traffic to your main LAN.

    There are half a dozen better ways to do this, but they all require you to rely on a third party service to some extent.