[jzymbaluk]

One thing that has kept me from starting to self-host is that I'm terrified of the thought of opening ports on my network to the open internet. For people who have self-hosted, how do you secure or set up your network?

[atomicnumber3]

I self host a lot, the main thing is to keep your software up to date and make sure you don't accidentally open any ports you don't mean to. The top main mistakes people make is 1) never updating software and then getting exploited, and 2) accidentally not having or misconfiguring your firewall. Like leaving an "internal" service exposed to the internet.

[smachiz]

nginx or other reverse proxy running SSL - don't open ports directly to any of the apps.

You should also run fail2ban on everything.

[kickaha]

jzymbaluk's fear is mine too. I should have made it explicit!

I'll follow these pointers for sure.