this post was submitted on 27 May 2024
17 points (94.7% liked)

Selfhosted

40041 readers
674 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I have been using no-ip for around two years to remotely access my hosted service, I mostly use their free service except for a few 5 months offers I bought.

Recently, I received a full year offer in email for 8$ (COUPON CODE: MAY8), and I was wondering whether to get that or buy a 2 years domain for the same price (FROM hostinger or namecheap).

I have never bought a doamain before and my knowledge is limited to what I mostly read here. So, per your opinion, what would be better in term of usability and security, a DDNS on the router and a port open per hosted-service? or a domain with reverse proxy?

you are viewing a single comment's thread
view the rest of the comments
[–] klangcola@reddthat.com 1 points 5 months ago (1 children)

Another option is subpaths: xyz.ddns.net/portainer

Just one open port, to your reverse proxy (nginx or other).

The client updating no-ip with your dynamic IP is independent of the reverse proxy software.

[–] 486@kbin.social 2 points 5 months ago (1 children)

Another option is subpaths: xyz.ddns.net/portainer

While you can do that, you should be aware of the security implications (every application can see and modify every other application's cookies). If at all possible, I would try to avoid this setup.

[–] rentar42@kbin.social 1 points 5 months ago

I second that. This practice comes from a time where domain names were expensive, in many ways: SNI didn't exist/wasn't wide-spread, so each domain name on HTTPS needed a dedicated IP, Certificates weren't democratized yet via letsencrypt/acme and most hosts were big enough to run multiple services, because virtualization wasn't as widely available yet. So putting apps on sub-paths made sense.

Now all of those things are basically dealt with and putting each app on its own sub-domain just makes way more sense.