this post was submitted on 17 Nov 2023
2 points (100.0% liked)

I have several self-hosted services that I have been using for months; now I wish to access these while I am not at home: the likes of nextcloud, nocodb, wikijs and other media sharing self-hosted services.

I would like to know what precautions I should take so no one knows that such a domain exists.

Should I purchase a crazy numbered domain like 671341412312.com? Or should I go for .tk domains?

Would like to get some suggestions from this community on other aspects that I am missing.

top 21 comments
[–] pchrisl@alien.top 2 points 11 months ago

VPN is the way to go. Could use this opportunity to upgrade your router. I bought a box from protectli and run OPNsense on it. There's good documentation on how to set up a wireguard vpn, and the community is vibrant.

It's also nice because there's lots of options so it's a nice thing to grow and learn with.

[–] Bytepond@alien.top 1 points 11 months ago

Use cloudflared and Cloudflare Zero Trust / Access. You tunnel your services to Cloudflare, who then secures them behind a 2FA wall. No traffic ever goes to anyone aside from you.

[–] Victorioxd@alien.top 1 points 11 months ago

Crazy number domain doesn't provide any security but you can buy a 1.111B class .XYZ domain for as cheap as 0,62USD a year

[–] BebopTheRocksteady@alien.top 1 points 11 months ago (1 children)

ZeroTier (or a VPN) - if all you want is to access those services from outside your network

IMO - the only reason to put something “on the internet” is so that the entire “internet” can access it

[–] themightychris@alien.top 1 points 11 months ago

this ^ I use ZeroTier, and then point subdomains under my personal domain name at the ZeroTier IP for each of my devices. Then I can use those hostnames but no one else can, and name based virtual hosting is easy via wildcard sub-sub-domains

For example plex.desktop.mydomain.com -> *.desktop.mydomain.com -> desktop.mydomain.com -> 10.x.x.x
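An added example, not part of the comment above: a small audit that walks a wildcard/CNAME chain like the one described and reports whether each hostname ends at an address reachable only inside a private or overlay network. The zone contents, the addresses and the function names are constructed for illustration, and the wildcard matching is a simplification of real DNS rules.

```python
import ipaddress

# Constructed sample zone (not from the thread): name -> (record type, value).
ZONE = {
    "desktop.mydomain.com": ("A", "10.147.17.5"),
    "*.desktop.mydomain.com": ("CNAME", "desktop.mydomain.com"),
    "nas.mydomain.com": ("A", "100.64.0.7"),      # CGNAT space, used by some overlays
    "blog.mydomain.com": ("A", "203.0.113.10"),   # stands in for a public address
}

# RFC 1918 ranges plus 100.64.0.0/10 (assumed overlay addressing).
OVERLAY_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10")]


def lookup(name, zone):
    """Exact match first, then the closest wildcard above the name."""
    if name in zone:
        return zone[name]
    labels = name.split(".")
    for i in range(1, len(labels)):
        wildcard = "*." + ".".join(labels[i:])
        if wildcard in zone:
            return zone[wildcard]
    return None


def resolve(name, zone, max_hops=8):
    """Follow CNAMEs until an A record is found; None if the name does not exist."""
    for _ in range(max_hops):
        record = lookup(name, zone)
        if record is None:
            return None
        rtype, value = record
        if rtype == "A":
            return ipaddress.ip_address(value)
        name = value  # CNAME: continue with the target name
    raise ValueError("CNAME chain too long or looping")


def audit(names, zone):
    """Classify each hostname as 'private', 'PUBLIC' or 'NXDOMAIN'."""
    report = {}
    for name in names:
        addr = resolve(name, zone)
        if addr is None:
            report[name] = "NXDOMAIN"
        elif any(addr in net for net in OVERLAY_NETS):
            report[name] = "private"
        else:
            report[name] = "PUBLIC"
    return report
```

Any name reported as `PUBLIC` points at an address the whole internet can reach and needs its own access control.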

[–] beje_ro@alien.top 1 points 11 months ago (1 children)

Warning: tk domains registrar has 0 GDPR.

Might be irrelevant now, but I didn't manage to delete my data once I wanted out.

[–] r4nchy@alien.top 1 points 11 months ago (1 children)

I never really understood the concept behind their free domains, but I never purchased a free/cheap domain after my first experience of getting charged 2-3 times for renewal.

However, are you talking about deletion of your personal data or your website data?

[–] beje_ro@alien.top 1 points 11 months ago

Personal data.

They also moved a free domain that I have let expire to the paid ones, so if I wanted to renew I would have to pay... Which is kind of fair... They should also make money from somewhere...

When buying a domain read all the details: renewal fees are mentioned there. For me they were turnoffs in some cases.

I now have a .ovh as a cheap alternative. Iirc they are dirt cheap when you reserve the domain for 3 years...

[–] cmdr_cathode@alien.top 1 points 11 months ago

Seriously, as everyone suggests: use tailscale or another VPN. Tailscale is incredibly easy to set up.

[–] jaredearle@alien.top 1 points 11 months ago

Getting an obscure domain name doesn’t matter as attackers go straight to the IP address. If you have a certificate on your secret domain name, they have your domain the moment they hit port 443.

Don’t use “security through obscurity”; instead just secure your services or host a VPN.

[–] jbarr107@alien.top 1 points 11 months ago (1 children)

This is my policy: For publicly accessible services like a website, I use a cloudflare tunnel. For restricted access to just a few users, I use a cloudflare tunnel and a cloudflare application to manage access authentication. For my exclusive restricted access to the infrastructure, I used tailscale.

[–] r4nchy@alien.top 1 points 11 months ago

I will also be using cloudflared, but will have to look at tailscale. Really appreciate you mentioning it.

[–] Antonaros@alien.top 1 points 11 months ago

6 to 9 digit .xyz domains are only around $1 a year, every year. That's what I did and definitely recommend it. You can read more here.

[–] DIBSSB@alien.top 1 points 11 months ago

Use tailscale

[–] Do_TheEvolution@alien.top 1 points 11 months ago

  • install opnsense
  • set up geoip block where only IPs from your own country can ever initiate connection from the outside
  • keep your stuff up to date
  • enjoy security

[–] FatalV0rt3x@alien.top 1 points 11 months ago

Couldn't you just get a regular domain and use a firewall to prevent access, so only your IP address(es) are able to access it?

I'm currently doing this myself, however I have a VPN on my local network that allows me access to my self-hosted service remotely as if I was at home.

There are other things you can do with cloudflare that will lock the sites down with authentication, but VPN and firewall have worked pretty well for my use cases.

[–] MrFlibble1980@alien.top 1 points 11 months ago

If the domain isn't critical if it changes, you could use freedns.afraid.org.

I've been using the free version for over a decade (but did donate recently). A couple of domains have come and gone, so I've had to pick new ones, but it's not a big deal.

[–] SpongederpSquarefap@alien.top 1 points 11 months ago

For just yourself? Get a domain that you can actually remember and use and then set up a WireGuard server (I recommend the Linuxserver.io WireGuard image)

Use that to access your stuff

Do you have 1 thing you desperately need to be publicly accessible? VLAN the VM off so it's on its own and put a reverse proxy in front of it with HTTPS (and ideally MFA if you need auth)

[–] LukasAtLocalhost@alien.top 1 points 11 months ago

this is what i did. a 10 CHAR domain of only numbers with .win

[–] soulimonster@alien.top 1 points 11 months ago

Free domains such as .tk or .cf are scanned by various bots as soon as they are created. I remember when I created a domain and forwarded it to my server. The spam and attacks that subsequently hit my server were very high. Significantly higher than with a domain that I paid for.

I therefore strongly recommend staying away from these free domains.

Good luck with your project :)

[–] djc_tech@alien.top 1 points 11 months ago

I use WireGuard for most stuff. My Nextcloud instance is open though because I like to upload photos I take pretty quickly to keep a backup.