Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Friday January 19 2018, @09:33PM   Printer-friendly
from the questions,-questions,-questions dept.
An Anonymous Coward asks:

I'm putting this under security because i'd like to keep this a private server for family:

that said, I'm wondering if you fine people can help me with the best way to set up a web server in my house to host the files on my external hard drives for family members in other cities/countries while, again, keeping it private and secure over the internet.

I'm looking into ngrok for url handling, but am not sure exactly if this is the best way to go.

Can anyone save me time and possible heartache and failure and provide me (and possibly others) with a walk-through of which software to use. Would love to do something like free, but may have to get a paid unique domain from, say, ngrok, to make it easier for family members to connect up.

Help me, Obi Wan Kenobi... you're my only hope!


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Informative) by The Mighty Buzzard on Friday January 19 2018, @09:56PM (2 children)

    by The Mighty Buzzard (18) Subscriber Badge <themightybuzzard@proton.me> on Friday January 19 2018, @09:56PM (#624941) Homepage Journal

    Don't bother paying for a domain name. Sign up for a free dynamic DNS service. I use desec.io [desec.io] but there are plenty of other providers out there.

    As for securing traffic from prying eyes, letsencrypt [letsencrypt.org] is a free and fairly easy choice for a certificate. We use them here at SN for everything except the main website.

    I won't advise you on the webserver itself. I generally go with Apache because I've been setting it up forever and it's easy to me but it's not the simplest one to make do everything that you want and only what you want, so I'm told.

    --
    My rights don't end where your fear begins.
    Starting Score:    1  point
    Moderation   +2  
       Insightful=1, Informative=1, Total=2
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 4, Informative) by Pino P on Friday January 19 2018, @10:40PM

    by Pino P (4721) on Friday January 19 2018, @10:40PM (#624968) Journal

    Sign up for a free dynamic DNS service.
    [...]
    As for securing traffic from prying eyes, letsencrypt is a free and fairly easy choice for a certificate.

    If you use dynamic DNS, you must make sure that the dynamic DNS provider that you choose is on Mozilla's Public Suffix List [publicsuffix.org] for two reasons.

    One reason is that the CA's rate limit [letsencrypt.org] uses the PSL to tell what domain names are registrable by end users. For dynamic DNS providers on the PSL, Let's Encrypt issues up to 20 certificates per customer per week. But if a dynamic DNS provider is not on the PSL, Let's Encrypt issues only 20 certificates per week across the entire provider. This makes it highly likely that 20 other customers of the same dynamic DNS provider got their certificates before you.

    In addition, if a dynamic DNS provider is not on the PSL, other customers' websites can forge cookies for your subdomain.

  • (Score: 4, Informative) by Marand on Friday January 19 2018, @11:23PM

    by Marand (1081) on Friday January 19 2018, @11:23PM (#624980) Journal

    I won't advise you on the webserver itself. I generally go with Apache because I've been setting it up forever and it's easy to me but it's not the simplest one to make do everything that you want and only what you want, so I'm told.

    I used Apache forever for the same reason — I already knew it so why change? — but eventually branched out and was glad I did. A few years back I had to run a server on a low-resource machine and wanted to save as much RAM as I could, so I finally had to start trying out alternatives and ended up using Lighttpd [wikipedia.org]. The low resource use is what attracted me to lighttpd, but I stayed with it for the configuration, convenience, and ease of use. It has plenty of features, though it deliberately avoids some things Apache does, like mod_perl and htaccess files, which is inconvenient if you're coming from apache, but makes it a lot saner and safer to configure for most users. I think the config format is probably going to be easier to read for a newcomer as well, since everything's in the general format of "feature.setting = value" instead of Apache's oddpseudo-html.

    The biggest negative to this is the lack of htaccess, which makes it inconvenient to use in certain use cases. Specifically, if you're trying to run a webhost-esque setup where you're giving many users their own space to host files and want to allow them to be able to set different access rules, CGI locations, custom rewrite rules, etc. you're going to find lighttpd inferior because you have to manage everything through the config files. It's still doable, though you have to either make the config file edits yourself or sort of roll-your-own via some fancy scripting to generate the necessary configuration and use "include_shell" to run that config generator on start, but either way you still have to reload the httpd to update the changes, unlike the instant feedback of htaccess files.

    Still, that's probably the least common use-case for most people running a webserver, so it's a minor nitpick. For my own personal use, the only special workaround I've had to make for lighttpd was a small 3-line bash script, named include_dir, that inserts "include filename" entries for all files in a given directory. I did it to emulate Debian's sites-enabled directory setup from Apache for configuration sorting and quick adding/removal of sites.