Skip Navigation

Security blindspots for selfhosted website

Hello. I’m pretty new here. I just managed to get my Raspberry Pi setup at home to selfhost a simple website that will act as my portfolio for some art I do.

I’m using WordPress to make the content of the website, meaning it runs on Apache, MariaDB and MySQL in the background. It’s connected via port 80 since I don’t want to pay for SSL certificates to setup https. There will be no accounts or transactions happening on my website. I don’t have anything to manage my dynamic IP but I’ll figure that out later. I’ve deleted the default Pi user on the RPi.

Are there security issues I should address preemptively? I’m worried for instance that I am exposing my home network, making it easier for someone to breach into whatever is connected there.

Any tips on making sure my setup is secure?

33

You're viewing a single thread.

33 comments
  • Go https, today there is no real reason not to and tons of good reasons to do it.

    Let's encrypt is 100% free and using their certbot its also automated and easy to do.

You've viewed 33 comments.