Self Hosting Discussion

Do you have a synchronous internet connection
Well actually, the internet connection, is not yet setup, but this is a good point to consider.
Guess I need to explain a little. It was only this year that the phone company, put in a underground “fiber optic” cable, they also have built a “station”, or terminal of sorts, I am not sure what it would be called, but it is where the lines can be connected ,etc. In a nut shell,just this year , our pueblo finally has a real “land line” , They have installed the lines, and I am going to be contacting them soon to start the service, …Obviously it will be important to make sure they know what I will be doing, so that we are sure to get the kind connection I will need.
Here where I work, but it is in a bigger town, the office has a pretty good network set up, and I am impressed with how well the modem,etc. works. Also there are several “internet cafes”, using the same phone company,etc. Don’t get me wrong, I will not be setting it up here, where I work, obviously that would not be a good idea, I realize for a server, it needs to be separate from the other computers,etc.
What I have in mind is very similar to what "Kiwiheretic ", describes, in post nmbr 5, It will not be a "full blown e-commerce system ", but a small “local” sort of site.
I am almost late for work, so later this evening I will try to get back, thanks for sharing

How do you know it hasn’t been hacked? And what happens when someone hacks this website and uses that as a springboard to hit the rest of the network?

The question I’d ask myself in 2014 is “can I serve this better and cheaper than AWS or Azure?”

How does anyone know? We would know if someone had tampered with the web pages. The sites not that big.

We don’t have any unnecessary services running on the web server. It has SELinux enable so that gives us NSA level security I’m told (or if you believe the press releases).

I shouldn’t think we would be any more at risk than your average home user who accesses the internet from his windows machine and has installed a standard vurus scanner.

One major thing not mentioned in this thread is it against your broadband suppliers TOS?
The internet cafes will probably be paying a business rate much higher than you will be paying.

Monitoring software on a separate system that will alert you if the hosting computer crashes at 3am in the morning so you can wake up and reboot it.

What happens if you go away on holiday and something goes wrong.

I suppose it would be interesting to try but I do not think you could run an important site like this.

How do you know it hasn’t been hacked? And what happens when someone hacks this website and uses that as a springboard to hit the rest of the network?

This is why I would have the server on its own modem, completely separate from any other networks, Same as his reply, I am not going to be starting with anything big, just a small website, and a couple of forums,. But even on bigger sites, the access logs, if reviewed regularly , show a lot. Up until now I had never heard of Azure, or AWS, so I did a google. Microsoft and any “windows” products, I stay away from, very insecure,unreliable, I use only linux, and open source software. I have heard NASA, uses Linux, and I believe that, they need a high level of security, and reliability, but that would be another topic , I think. There is a reason though, that most servers and webhosts use either Linux or unix.

I shouldn’t think we would be any more at risk than your average home user who accesses the internet from his windows machine and has installed a standard vurus scanner.
You are probably at considerably less risk, if you are using linux.

What happens if you go away on holiday and something goes wrong.

That is a good question, and would be something to consider, but also usually things can be done “remotely” too. In my case, I don’t have the money, nor the desire to go anywhere , taking “holidays”, is not part of my life style. However someone that is very seldom at home, often traveling around, taking holidays, well probably they would not want to take on a project like this.

I suppose it would be interesting to try but I do not think you could run an important site like this.
To start with , I don’t have the kind of experience needed to manage a site like this one, also, I am sure it takes a lot more then just 1 person. That leads to a question I had been wanting to ask, though, it is “off topic”, but any way, what kind of forum software are they using here ? or is it “custom written” by members of the SitePoint team ?
The website,and forums I would have, will not be very “popular” not high traffic, I am using a paid host at this time, but really the traffic I get does not warrant that. In our community, there is nothing for the young people, students, no internet cafe, There are a few kids, that have a genuine interest in learning more, but also no one to teach them, setting up our own server. hosting our own site, will be a very valuable experience for not only me, but some of the kids that have interest.
I had not mentioned any thng about the TOS, because I thought that is a obvious thing, obviously everything needs to be in agreement with the TOS of the internet provider.

The internet cafes will probably be paying a business rate much higher than you will be paying.
That depends, there are some government programs here, that help communities that don’t have resources such as internet cafes, because our community (pueblo) dose not have that, the rates are lower, and the government has a program where they pay part of it.

Its currently vBulletin but they are moving to Discourse despite its beta status and being unproven. I guess Sitepoint likes being adventurous.

[ot]

That’s a bit harsh. There are a lot of factors that contributed to the decision, ease of developing new features, being able to fully customize it to our needs (because it isn’t built with already established assumptions), and the fact that this community hasn’t really been a community in a long time and needs a major revitalization.

Sure it could be viewed as risky, but watching a sinking ship continue to sink, isn’t much of a plan either. We are simply giving out lifeboats to a new ship we can build upon.[/ot]

We’ve actually been working closely with Jeff for a while to get it out of Beta and to ensure that it is scalable. It is a risk, sure, but perhaps not the risk that you consider it to be.

Good quality commercial hosting doesn’t crash often. The last time I needed to reboot my primary server was over 2 years ago. If it does crash, they have staff on hand to deal with it 24/7. What happens when a self-host is at work, or asleep? Sites go down and stay down.

Most commercial hosting uses raid, professional quality disks meant to run 24/7/365, and will have on and off site backup. Most home servers won’t have the same redundancy and resilience unless you spend hundreds on professional level components which brings me to the next point…

Cheap hosting costs less than the $10 a month it costs in electricity to host at home. If you factor in your broadband cost, and equipment cost per annum then it’s more expensive to do it yourself.

Security has both technical administration and physical aspects, apart from network configuration. 24/7/365 monitoring and reaction to network threats isn’t possible by one person.

A server that can be stolen by a casual neighborhood thief throwing a brick through a window, or destroyed by a cat knocking a cup of cola onto it isn’t secure in the same way a server in a datacentre, with a team of security pros working around the clock, with razor wire fences, guards with swipe cards, CCTV, motion sensors, and halon fire suppression is secure.

Those are valuable points, and the level of security needed, would also depend on a few things, obviously someone offering hosting service to others, be it free or paid, would need a higher level of security,
someone had said this,in the post by wwb_99 ,

The question I’d ask myself in 2014 is “can I serve this better and cheaper than AWS or Azure?”

I couldn’t really answer that, because I had not heard of either one, so I did a search with “google”, well, on Azure, since it is a micrsoft and windows, product, I did not look any further, but when I saw that AWS, stands for Amazon Web Service, I realized I had seen the name, I did some more research, since I am new here, and do not know if it is ok to post links to the sites I got my info, and also I don’t want this thread to become a controversy or discussion on if AWS is secure,and reliable etc, but I will go so far as to say, they may be bigger, then what I would have, mine would be for me, and maybe 2 or 3 others, but it would be considerable more secure, I would not permit. or host anyone or thing that is involved in producing malware, spam bots, hacks bots, etc. Apparently that is what a lot of the (not all), but a lot of the people using AWS are bad news, and that is where I had seen Amazon WebService dot com, it and any IPs connected with it are blocked on my sites, and many others. I had seen it in my logs, several users of AWS repeatedly try to register, and post spam, also try to “scrape” the entire site, and other nasty things.I could do better then that with my own server, hosting myself. But enough on that. In fact that is one reason I am considering doing this, so many hosts, even paid hosting, are only after the money, they will host anyone, and personally I do not want to be associated with any hosting service known to host spam sites, and other nasty things. But that is impossible, or would be very expensive, to find a hosting service that keeps a close watch on what kind of clients they have.
Ok well for now, that is all .

Hosting at home is the most expensive hosting option there is.

Simply moving your server from your home to a colocation hosting provider will save you thousands in infrastructure costs - UPS, monitoring etc. and provide you with a much cheaper way of getting a high speed internet connection to the server.

If even that is too expensive then a dedicated hosting package will be even cheaper as they get economies by buying the server gear in bulk.

Yes, you may be right, I think that is going to be the biggest obstacle, getting the equipment, etc, and it is expensive. I do have enough to start something small, and if the power fails, well, it would be offline, I do have a small regulator, that uses battery power too, it will last about a hour, if the power fails, I did not mention in my profile, but I am a ham radio operator, and have a lot “old junk” around, a solar powered battery charger, can be built fairly cheap, and it is more then enough, to keep batteries charged,etc.

You mention that you block amazon ip addresses, but do you realise that if the ip address of your connection is from a standard ISP pool, then any email server transmitting from (e.g email notifications from hosted sites) it will likely be blocked, either via the ISP itself or it will be filtered as high risk by the end recipients email provider.

Not blocking them for e-mail, they are blocked from registering to various forums,and sites that have guest books, blogs, etc. Amazon.com is a high source of spam. I do realize that dose affect the few that are not spammers as well, it is a complicated thing. However, if a real person gets blocked, there is a means, that they can contact me, then if I decide to do so, I can “white list” thier IP, etc,…so they can register. Let me show you a recent log,


#: 3889 @: Sat, 15 Feb 2014 08:38:40 -0800 Running: 0.4.10a3 / 75d
Host: ec2-54-206-24-46.ap-southeast-2.compute.amazonaws.com
IP: 54.206.24.46
Score: 1
Violation count: 1 
Why blocked: Amazon Web Services. Not an access provider ISP. Used by hackers, Keyword spamming SEO bots, and other unsavories (CLD-0AMZ). Checked for bypass - 
Query: action=help
Referer: ( I removed the URL, it was my site)
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31
Reconstructed URL: (REMOVED the URL,same is my site )

The above is a copy of one of the log entrys, to be honest I do not get very many of the Amazon Web
I am using a php script, called zbblock, there is a discussion on this, on his support forum. However I do not think I can post a link to the discussion, ? Also I hope I am not “out of line” with this post.

Your processing of incoming traffic in no way affects outgoing email from your web server. What I’m trying to illustrate is that other email server operators will view email coming from a broadband pool of IPs (which your web server will have when hosted at home) as suspicious and high risk, in the same way you are (correctly) treating traffic coming from amazon ec2 which is unlikely to be legitimate visitors.

There are boatloads of legitimate services – such as many folks browsing the web on kindles – that use the IAAS to serve legitimate uses.

I’ll note that in general recent versions of Microsoft’s web stack have been more secure and just as if not more reliable than comparable non-microsoft options. Apache is the old, dated kid on the block who has a broken security model in 2014.

Just a quick reply, to say thanks for sharing, and acknowledge that I have read them,
I think , even if I do start a “home server”, especially for my e-mail, I would keep using the paid hosting I use,
For me that is importan that it is reliable.

After all is said it would not do any harm to try it out and it could be an interesting project for you. From what I remember you need some DNS settings so the users can find you and there are some companies around which will provide them free - I can not remember the one I was recommended when I was looking to do my own storage server a couple of years ago.

You could also use it as your personal cloud storage - again I can not remember the name but there is some software based on torrent? which allows you to setup a cloud type system.

Why do you say that? On Apache’s own web site it says that exploits are generally down to the add on code running on it rather than the server itself.