Hello. I’m pretty new here. I just managed to get my Raspberry Pi setup at home to selfhost a simple website that will act as my portfolio for some art I do.

I’m using WordPress to make the content of the website, meaning it runs on Apache, MariaDB and MySQL in the background. It’s connected via port 80 since I don’t want to pay for SSL certificates to setup https. There will be no accounts or transactions happening on my website. I don’t have anything to manage my dynamic IP but I’ll figure that out later. I’ve deleted the default Pi user on the RPi.

Are there security issues I should address preemptively? I’m worried for instance that I am exposing my home network, making it easier for someone to breach into whatever is connected there.

Any tips on making sure my setup is secure?

  • PSoul•Lemmy@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    6 days ago

    Noted ! I’ll make sure to set https up.

    Tbh, I haven’t heard the word firewall since probably 2005… would my router have a firewall built in or is that something I need to add on, let’s say, the RPi ?

      • diminou@lemmy.zip
        link
        fedilink
        English
        arrow-up
        3
        ·
        6 days ago

        Was going to say exactly the same thing.

        Even if your router have one, better safe than sorry!

    • undefined@lemmy.hogru.ch
      link
      fedilink
      English
      arrow-up
      2
      ·
      6 days ago

      Your router probably does have one, but your end devices should too. If your router is some piece of trash ISP-supplied one, it might not even have a firewall for IPv6 (if it even supports IPv6 at all).