[blacksmith_tb]

If it's a static site? Probably safe-ish, I suppose bots and bored teens could DDOS it. You could also choose a non-standard port, that might cut down on the noise.

[iamcreasy]

Thanks! I want to learn what could go wrong. Can you point me to any resource/book to study this particular matter?

[kube-system]

It depends entirely on what technologies you are specifically exposing. If you are serving a page with a web server application like Nginx or Apache, you should read about securing those applications. If you are writing a NodeJS application, you should read something specific to that.

If you want something very general and comprehensive, you can read this, although it is probably too involved for a basic "website": https://owasp.org/www-project-web-security-testing-guide/sta...

[SturgeonsLaw]

I would recommend you put it behind Cloudflare, it will mask your home IP address and will absorb any attacks

https://skylar.tech/create-fast-websites-from-your-home-netw...

[southerntofu]

Please don't do that. It's a terrible idea because CloudFlare will then get to decide who gets to see your website or not (and CloudFlare hates privacy tech like Tor), and also because then CloudFlare will terminate the HTTPS (TLS) connection on their side so they essentially get to know all your passwords.

I've selfhosted on 64Kbit/s modem then xDSL for years without a problem (apart from bots trying default passwords). If you are really afraid you'll run into DDOS attacks and whatnot, consider using a small 2-5$/mo VPS as reverse-proxy instead of CloudFlare to retain control of your infrastructure.