17 votes

Should I self-host my blog?

I've gone down the rabbit hole of self-hosting, and I'm wondering if I should try self-hosting my blog. The blog is currently on Netlify. I've left it there because I figure their infrastructure is much better than mine... but part of that is a CDN, and, despite the performance benefits, I'm not thrilled about the privacy implications of subjecting my users to that. I'm torn on that point.

That said, I'm on cable internet, so my upstream is abysmal. My site is mostly text and the site is low traffic, so maybe it's not a problem. What do you think? What are some of the implications of self-hosting the blog that I'm not considering?

Edit: Wanted to clarify a couple of things I realize weren't clear in my original posting. I'm already self-hosting a few dozen services from home on my own hardware. Port 80 and 443 both work, and I'm already running a Caddy reverse proxy to proxy to the other services. My question is less about whether self-hosting is a good idea and whether I should be keeping my blog on Netlify for the reasons above. My biggest concerns are the privacy implications of keeping with Netlify and their CDN vs. the performance implications of losing the CDN and serving via a ~30Mbps upstream connection.

Thank you for all the comments so far!

26 comments

  1. DeaconBlue
    Link
    I genuinely think you are making a mountain out of an anthill here. CDNs are ubiquitous and privacy minded users will have ways to deal with it if that is a concern. Self hosting is fine for a...

    but part of that is a CDN, and, despite the performance benefits, I'm not thrilled about the privacy implications of subjecting my users to that

    I genuinely think you are making a mountain out of an anthill here. CDNs are ubiquitous and privacy minded users will have ways to deal with it if that is a concern.

    Self hosting is fine for a whole lot of reasons, but I don't think CDN privacy issues qualify.

    34 votes
  2. hungariantoast
    Link
    Yes, you should try self-hosting your blog. Why? I don't know. You seem to want to, and it would be a learning experience. If self-hosting your blog doesn't work out, then you can always go back...

    Yes, you should try self-hosting your blog.

    Why? I don't know. You seem to want to, and it would be a learning experience. If self-hosting your blog doesn't work out, then you can always go back to having it hosted elsewhere.

    If you do end up self-hosting your blog (and also if you end up un-self-hosting it later) you should write about that experience (or experiences) on your blog, and then post it here. I would read it.

    18 votes
  3. [8]
    stu2b50
    Link
    Should you self-host on your own computer? Probably not. There's a lot of issues, from the dangers of having open ports on your network, to the practical problems of availability. Should you self...

    Should you self-host on your own computer? Probably not. There's a lot of issues, from the dangers of having open ports on your network, to the practical problems of availability.

    Should you self host on a managed server? You can, if you want, but it will cost money.

    10 votes
    1. [3]
      Eji1700
      Link Parent
      This is the part that's really shocked me diving down the self hosting rabbit hole. The amount of "oops shot yourself in the face" hurdles you can run headlong into are crazy. There's lots of...

      This is the part that's really shocked me diving down the self hosting rabbit hole. The amount of "oops shot yourself in the face" hurdles you can run headlong into are crazy. There's lots of tools to make things easier, but the moment you want something a little different than the guide you might be following stuff can get heavy fast.

      10 votes
      1. [2]
        Reapy
        Link Parent
        It's one of the great losses of the Internet over time. Years ago it was just amazing to put a server and host to the world from your PC, it felt amazing to be able to do it. There were bad actors...

        It's one of the great losses of the Internet over time. Years ago it was just amazing to put a server and host to the world from your PC, it felt amazing to be able to do it. There were bad actors then, sure, but just not at the volume and sophistication we have today. Now, the Internet feels hostile, and it's only with great consideration we can open our networks to outside traffic.

        3 votes
        1. onceuponaban
          Link Parent
          While I agree the feeling of the Internet being a more dangerous place is unmistakably there, I think it's important to realize the state of cybersecurity of years past was already awful if not...

          While I agree the feeling of the Internet being a more dangerous place is unmistakably there, I think it's important to realize the state of cybersecurity of years past was already awful if not even worse (remember the time when getting your computer instantly infected upon connecting to the Internet with no user input was a very real risk if you weren't careful in ensuring you had an operational anti-virus and a reasonably up to date OS before connecting to the Internet? Windows XP is remembered fondly now but its era was when this risk was at its worst). I think it's more accurate to say that we're more aware of the risks now than the past being actually safer, and with the physical and digital aspects of our lives intersecting more than they used to, the stakes should you fall prey to malware or some other form of cyberattack are also higher.

          For what it's worth, there's Yunohost which offers an easier step into self hosting while establishing some baseline security that is probably good enough for the motivated layman (for example, fail2ban is provided and set up for you, and rule 0 of cybersecurity, keep your system up to date, is made easier by yunohost's web interface). I'm using it myself, and while I have some gripes with it and will probably switch to a fully custom self hosted setup when I move away from a raspberry pi and to a more powerful mini PC as my server, it's definitely serviceable as a way to discover what you can achieve with self hosting while giving you a greater awareness of how to set things up correctly and safely when/if you decide to roll your own setup later on.

          That being said, your computer's safety is absolutely a legitimate concern and it makes sense to delegate the actual hosting to a third party just for the sake of shielding yourself should the worst happen. Exposing myself through self hosting is a risk I personally accept as I value control of my hardware more, but that is not necessarily sensible for everyone.

          1 vote
    2. [4]
      first-must-burn
      Link Parent
      It will cost money, but you can get on a small tier instance on Hetzner for around €4/mo, which is nice because of you screw it up, you can just wipe it out and start again. It's also nice because...

      It will cost money, but you can get on a small tier instance on Hetzner for around €4/mo, which is nice because of you screw it up, you can just wipe it out and start again. It's also nice because they don't have 10 billion cloud offerings. Pretty much just the basics, so everything you see in the menu is probably something worth your time to understand, where AWS has so many offerings it's very difficult to distinguish them or understand which ones you need without spending a lot of time on it. So a good option if you want to learn about system administration.

      That said, if your goal is to get a small blog out there efficiently and cheaply, you probably can't beat using something like AstroJS to build a static site and deeply it as a static site in an S3 bucket or as a site on Cloudflare Pages (h/t @mattsayer).

      4 votes
      1. [2]
        geniusraunchyassman
        Link Parent
        I second Hetzner. Can’t really beat the value if you’re somewhat server savvy. Been a customer there for 7 years and they’ve always been pretty solid. The only con I have is customer service can...

        I second Hetzner. Can’t really beat the value if you’re somewhat server savvy. Been a customer there for 7 years and they’ve always been pretty solid.

        The only con I have is customer service can be a little bit slow and matter of fact. But I haven’t had to contact support in over 3 years.

        3 votes
        1. deathinactthree
          Link Parent
          Oh hey, I wasn't familiar with Hetzner but looking at their site--as someone who clicked into this thread because I was also debating self-hosting a blog--the lowest level which would be all I...

          Oh hey, I wasn't familiar with Hetzner but looking at their site--as someone who clicked into this thread because I was also debating self-hosting a blog--the lowest level which would be all I need is only $2/mo and comes with a domain name. That seems like a pretty good deal and much more painless than trying to self-host. I'm going to take a serious look at this, thanks!

          (I recently started an account on WhiteWind because I was interested in a free, basic blogging platform built on ATProto, but honestly I don't think it's mature enough to do work for me yet. This looks like what I can get on with in the meantime.)

  4. [2]
    Turtle42
    Link
    I self host mine and I don't think it's that big of a deal. Nginx, an open port and a DNS record gets you there. Lock your shit down and you'll be fine.

    I self host mine and I don't think it's that big of a deal. Nginx, an open port and a DNS record gets you there.

    Lock your shit down and you'll be fine.

    7 votes
    1. DynamoSunshirt
      Link Parent
      If you're really concerned, host it on a separate machine from everything else. You could even put that on a separate network than your other machines, a sort of quarantine zone. Then, worst case,...

      If you're really concerned, host it on a separate machine from everything else. You could even put that on a separate network than your other machines, a sort of quarantine zone. Then, worst case, you can just blow it away (maybe literally, if you somehow manage to get ransomwared).

      2 votes
  5. [3]
    Jambo
    Link
    One thing to note is it may be against your isp's TOS to self host, whether they will actually notice or do anything about it is probably pretty low though. I've been hosting a Minecraft server...

    One thing to note is it may be against your isp's TOS to self host, whether they will actually notice or do anything about it is probably pretty low though. I've been hosting a Minecraft server for ages and mine hasn't come after me, though it is in their TOS

    Of course I have like 4 people connecting to me, if your blog is massive then it might be easier to spot

    6 votes
    1. [2]
      Liru
      Link Parent
      My ISP blocks inbound requests to ports 80 and 443, among a few others. Technically you can set up a site on something like port 81, but that becomes slightly inconvenient and ugly.

      My ISP blocks inbound requests to ports 80 and 443, among a few others. Technically you can set up a site on something like port 81, but that becomes slightly inconvenient and ugly.

      3 votes
      1. vord
        Link Parent
        I remember reading a great post awhile back about how we could have solved huge quantities of issues if we just allowed DNS to resolve ports as well. Wish I could remember the source.

        I remember reading a great post awhile back about how we could have solved huge quantities of issues if we just allowed DNS to resolve ports as well.

        Wish I could remember the source.

        3 votes
  6. [2]
    bl4kers
    Link
    Netlify will bill you for DDOS attacks even when you're on their "free" plan. At the bare minimum I'd recommend switching to Cloudflare Pages or GitHub Pages.

    Netlify will bill you for DDOS attacks even when you're on their "free" plan. At the bare minimum I'd recommend switching to Cloudflare Pages or GitHub Pages.

    5 votes
    1. jackson
      Link Parent
      This has recently changed, the Free plan will now deactivate your site until the next billing period if you exceed a quota. I believe the Starter plan will auto-bill for exceeding a quota though....

      This has recently changed, the Free plan will now deactivate your site until the next billing period if you exceed a quota. I believe the Starter plan will auto-bill for exceeding a quota though.

      From /pricing FAQ:

      What happens when a Free site reaches its limits?
      When a site reaches its monthly usage limits, it enters a suspended state until the first of the next month. We’ll notify you by email as you approach your limits at 50%, 75%, 90%, and 100% of usage. Please note that if one site exceeds its limits, all sites on your Free account will be suspended.
      You can re-enable your sites at any time by upgrading your plan. Your sites will automatically resume normal operation after upgrading.

      4 votes
  7. PuddleOfKittens
    Link
    The cost difference is basically nothing, so this clearly isn't about the money - it's about something else. The fun, perhaps? In which case, do whatever you think is more fun.

    The cost difference is basically nothing, so this clearly isn't about the money - it's about something else. The fun, perhaps? In which case, do whatever you think is more fun.

    5 votes
  8. 0xSim
    Link
    I self-host my own services on a VPS. Self-hosting on your own hardware is opening a whole can of worms that is IMO not worth 4€/month, unless that is a goal in itself. It sounds like you're more...

    I self-host my own services on a VPS. Self-hosting on your own hardware is opening a whole can of worms that is IMO not worth 4€/month, unless that is a goal in itself. It sounds like you're more concerned about "owning" your pages to stay privacy-conscious, so a VPS is probably the best solution for now.

    4 votes
  9. hamefang
    Link
    If you are up for learning self-hosting on Linux, I recommend: getting the cheapest VPS (Virtual Private Server) with Debian operating system through Digital Ocean - it's a cost of a few US...

    If you are up for learning self-hosting on Linux, I recommend:

    • getting the cheapest VPS (Virtual Private Server) with Debian operating system through Digital Ocean - it's a cost of a few US dollars per month and you'll need your own domain as well
    • setting up Caddy as a web server
    • configuring the directory with your website files as a Samba share so you'll have easy access to them from your personal computer.

    Alternatively you can go for Codeberg Pages instead if you don't want to mess with a VPS.

    2 votes
  10. Pavouk106
    Link
    If the question already popped in to your head, I'd say go for it. The thing I would be concerned about is security. Your server could get hacked through the blog (either by some security...

    If the question already popped in to your head, I'd say go for it.

    The thing I would be concerned about is security. Your server could get hacked through the blog (either by some security vulnerability ie. in software library, by some flaw you could make in your setup, by security vulnerability in blogging platform...).

    I don't want to discourage you, quite the opposite in fact!

    1 vote
  11. winther
    Link
    I wouldn’t go into self hosting on own hardware at home as a first step. It can be fun but I would say it has more problems than benefits. You can go far with renting a small VPS with Linux for...

    I wouldn’t go into self hosting on own hardware at home as a first step. It can be fun but I would say it has more problems than benefits. You can go far with renting a small VPS with Linux for like $5 a month which is usually cheaper than most blog hosting solutions.

    I run a static site Jekyll blog on a VPS and having your own server allows for playing around with other self hosting things. Like your own RSS server for example like FreshRSS.

    1 vote
  12. [3]
    onceuponaban
    Link
    Personally I would, if anything, be more concerned about CDNs on the reliability front. Whenever they malfunction, so does every website that depends on them. This happens rarely, but when it...

    Personally I would, if anything, be more concerned about CDNs on the reliability front. Whenever they malfunction, so does every website that depends on them. This happens rarely, but when it does, we get the mainstream media wondering why a huge chunk of the Internet randomly fell over. Oops. If you don't depend on a CDN, that removes a single point of failure. As for privacy, I suppose that's also better than the alternative in the strict sense, though at this point given how ubiquitous CDNs already are this is on the level of trying to dunk ice into a river of flowing lava to cool it down. If you're already self-hosting other services, I don't think it would hurt to go for it and find out if it's a good solution. I personally haven't encountered any specific complications with my own self-hosted blog, then again I started very recently and my blog has virtually no audience, nor do I explicitly intend to build one up so that's probably not indicative of anything useful to you ¯\_(ツ)_/¯

    1 vote
    1. aphoenix
      Link Parent
      I understand your point about CDN failure, but I usually state that as a feature and not a bug. Most sites that rely on a CDN are less noticeable than Amazon, NYTimes, or Reddit. If those sites...

      I understand your point about CDN failure, but I usually state that as a feature and not a bug. Most sites that rely on a CDN are less noticeable than Amazon, NYTimes, or Reddit. If those sites are down, you have a pretty good cover story - we use the same sort of tech that these big sites use, and the outage hit a lot of places!

      1 vote
    2. RadDevon
      Link Parent
      Actually, that’s very useful to me since I also have no audience and no intention to try to build one! 🤣

      Actually, that’s very useful to me since I also have no audience and no intention to try to build one! 🤣

  13. whs
    Link
    I self host my blog using WordPress. I chose WordPress as it's a common technology, and once in a while someone will ask me to help with their WordPress site so I should familiarize myself with...

    I self host my blog using WordPress. I chose WordPress as it's a common technology, and once in a while someone will ask me to help with their WordPress site so I should familiarize myself with it.

    The problem now is that as many wrote, Mastodon will DDoS your site. Once I post my blog content on Mastodon the site will get hundreds of request per seconds, which is way more than the usual next-to-nothing traffic. I don't want to use a CDN on this site either as it is not true self hosting. Now my strategy is I either post on Mastodon or Facebook first, then wait for a day or two before posting it on the other site.

    1 vote