• 0 Posts
  • 7 Comments
Joined 1 year ago
cake
Cake day: October 3rd, 2023

help-circle
  • You can still self-host on a rented VPS. And unless you have a managed VPS, then you’re still responsible for the security, and managed hosting is far too restrictive in terms of what you can do. It’s just up to you to decide if you trust that company to host your box.

    And running one at home is cheap as hell.

    This is exactly why I host my own stuff. I know how to tighten up the security to the point where it’s just as safe as it would be sitting on some other companies’ system, and I don’t have to worry about what they’re doing with my data, or a data breach. Seen too many companies that are lax on security (such as LastPass).

    I throw extra encryption in place when means even if someone were to be able to gain physical access; they’ve got a hell of a brute force to go through just to break one part.




  • It’s good if you like self-hosting stuff.

    However, what I tell people is this:

    If you know jack about security and how to lock down a machine that is running Vaultwarden, then it’s useless. You should go with Bitwarden.

    If you’re looking to install it just to play around with, I would be very cautious about what you store there, unless you can lock the system down to where it’s not accessible by the outside internet and localized only to your network.

    And I have redundant backups in place in case one decides to fail, which are all encrypted with GPG and a few other measures.

    If you have it installed and not accessible to anyone else but you, it’s a fun project. I like using VW and BW.

    The other bonus would be no one is going to look to target you specifically unless you’re turned into a target.

    Whereas if BW were to be breached, it wouldn’t have anything to do with you.

    However, BW utilizes encryption, so even if they did somehow manage to get in, they can’t read your passwords.




  • Another option which I’ve used in the past is that you can set your domain up with Cloudflare and then either utilize a Tunnel, or restrict the domain to your own IP address and it will block all external traffic. I’ve utilized it for several projects and it has always worked flawlessly. Haven’t tried the Traefik / HAproxy method.

    But Certbot / LetsEncrypt is extremely easy to use.