Safety on the WorldWideWeb

openZource · October 16, 2021, 10:34pm

Love the Yuno concept but i’m finding many warnings about hacking & self-hosted websites(html/js/php). Even been advised to buy hosting instead because safety is next to impossible for simple users? Isn’t there a simple method? I would also like to keep ip private at minimal cost.
Thanks

jarod5001 · October 17, 2021, 12:12am

Yunohost security is good. You can stick with the default settings and have a very good password (very long, caps and lowercase, numbers…)
You can restrict access to your server based on geographical information (geoip), follow the link below, hook number 6:

arkadi · October 17, 2021, 9:51am

There is risk doing anything, and it’s true there is no 100% infallible computer system.

Love the Yuno concept but i’m finding many warnings about hacking & self-hosted websites(html/js/php)

Warnings from who?

Even been advised to buy hosting instead because safety is next to impossible for simple users?

Advised by who? VPS who make money from people who buy hosting? If you’re willing to follow best practices and do some research, it’s not impossible for ‘simple’ users.

Isn’t there a simple method? I would also like to keep ip private at minimal cost.

What are your goals with using Yunohost? Run a blog? Use Nextcloud?

Maybe you could expand upon this post and be more specific.

What are your concerns about safety? (specifically running what services/apps)
Keep IP private? Do you mean use a VPN? or run a TOR onion website?

openZource · October 18, 2021, 3:28pm

Basics for a newbie. I’ve been hack’t & violated before so i know there’s evil out there. I can only imagine having my own server… If i remember… it’s easy to get to a door on google street view from a IP.

Find how to install sites on clearnet & keep my privacy, cheapest safe method.

Yuno looks like candy so i will try many apps. Some things can only be on local network others like a e-com site, blog on web. Is each Yuno app in it’s own Sandbox?

arkadi · October 18, 2021, 11:14pm

Try it out. Yunohost has a single sign in (SSO) that protects all the user apps. There is also an administrative web UI (can be disabled).

Each app is not in its own sandbox. Yunohost is basically Debian but with lots of things built in and made to work with each other (failtoban, XMPP, mail server, NGINX).

Security wise you can make it as restrictive as you want: make SSH only key based, disable the administrator web ui

You can start up a server and just take it slow. Run a few things, and learn as you go.