How to setup a home-network with a webhost

If I've understood everything correctly, I can setup a DMZ with my Raspberry Pi and thus keep my home network safe.

You should likely use the standard port forwarding features on your current router to host your Raspbery Pi. Using any kind of "DMZ" settings in home routers is (arguably) a bad idea when it comes to safety and hosting a home-based website/webservice securely. Essentially, the router's firewall no longer protects the device in the same way it does other devices that are also attached to it. This ultimately means your e.g. Raspberry Pi is overall probably more likely to be hacked and possibly used against your network. "DMZs" on home routers aren't really analogous to those used in the business world for network safety.

Anaksunaman

Posted 2019-11-11T21:02:16.580

Reputation: 9 278

But that would leave the raspberry in the same network as my other devices right? I would like to put the raspberry in an other network so that if someone hacks into the raspberry he cant access the other devices on the network. – Lexu – 2019-11-13T13:41:22.843

The DMZ settings in home routers often bypass the firewall for that router (i.e. they send every random internet request to the "DMZ'd" device). Regarding network isolation, that would likely depend on the router. I have encountered home routers that do not do this, even for DMZ devices (i.e. they exist on the same network, sans firewall). However, in either case, you have a device that could theoretically be used to breach the rest of your network if compromised (your Pi is still connected to your router, which makes it possible to compromise that device, then potentially your other network). – Anaksunaman – 2019-12-01T23:11:57.207

How to setup a home-network with a webhost

Answers