Hello. I’m pretty new here. I just managed to get my Raspberry Pi setup at home to selfhost a simple website that will act as my portfolio for some art I do.
I’m using WordPress to make the content of the website, meaning it runs on Apache, MariaDB and MySQL in the background. It’s connected via port 80 since I don’t want to pay for SSL certificates to setup https. There will be no accounts or transactions happening on my website. I don’t have anything to manage my dynamic IP but I’ll figure that out later. I’ve deleted the default Pi user on the RPi.
Are there security issues I should address preemptively? I’m worried for instance that I am exposing my home network, making it easier for someone to breach into whatever is connected there.
Any tips on making sure my setup is secure?
It may or may not be a concern to you, but if you are hosting it from your home then people will be able to determine your IP and rough physical location.
If you’re on American cable internet and expecting a lot of traffic, your upload speed may become a problem.
Your first point is a good point. I guess it’s ok for now if my rough location is accessible. It’s not like my art is worth anything.
Regarding upload speed, yeah I know it could become an issue but since it’s just a portfolio website, I don’t expect more than a dozen visits a month.
scraping bots are expected to visit it, nowadays more than in previous years. a few of them are search engines, but there’s a lot of scraping for AI training, both on text and image data.