3
I've been at Digital Ocean for 6 months. However, I don't want to pay anymore and want to start my own server from home. (This is also for educational purposes. In this way I can learn how to maintain a server)
I think if I open port 80 people can easily see what I am searching on the web (Man in the middle attack). Should I open my port? How should I secure the server if so? I know about fail2ban and rootkit hunter.
I don't have a lot of experience on setting up a home server and opening all the ports.
It would be awesome if someone could tell me if I should do it and how I should do it.
3On your run-off-the-mill consumer NAT router, you aren’t opening ports, you’re forwarding them. This is very different. It is also only about incoming traffic and not related to outgoing traffic at all. If you don’t have experience, do not operate an internet-accessible server on your home network. If it were to be compromised, an attacker would have complete access to your internal network. – Daniel B – 2016-08-05T13:39:55.410
Seriously, if you need to ask this question, you are not prepared to do this securely. Also, understand that you may not even be able to do this at home, or it may quit working after a while if you do. See this question about CGN problems.
– Ron Maupin – 2016-08-05T14:47:08.817@RonMaupin Ok thanks I think it is better that I won't. – fredsco – 2016-08-05T16:41:22.927
You might discover that your internet service provider blocks incoming port 80, such as my beloved ISP Cox, in which case you wouldn't be able to host public pages on the standard port anyway. It's an incentive to upgrade to a costly business connection because they know it's really ghetto referring customers to http://example.com:8080
– Jeff Puckett – 2016-08-11T01:33:50.170