Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
They block VPN exit nodes. Why bother hosting a web site if you don't want anyone to read your content?
Fuck that noise. My privacy is more important to me than your blog.
and filtering malicious traffic is more important to me than you visiting my services, so I guess that makes us even :-)
You know how popular VPNs are, right? And how they improve privacy and security for people who is them? And you're blocking anyone who's exercising a basic privacy right?
It's not an ethically sound position.
Absolutely; if I was a company, or hosting something important, or something that was intended for the general public, then I'd agree.
But I'm just an idiot hosting whimsical stuff from my basement, and 99% of it is only of interest for my friends. I know ~everyone in my target audience, and I know that none of them use a VPN for general-purpose browsing.
As it is, I don't mind keeping the door open to the general public, but nothing of value will be lost if I need to pull the plug on some more ASN's to preserve my bandwidth. For example when a guy hopping through a VPN in Sweden decides to download the same zip file thousands of times, wasting terabytes of traffic over a few hours (this happened a week ago).
Interesting. The most common setup I encounter is when the VPN is implemented in the home router - that's the way it is in my house. If you're connected to my WiFi, you're going through my VPN.
I have a second VPN, which is how my private servers are connected; that's a bespoke peer-to-peer subnet set up in each machine, but it handles almost no outbound traffic.
My phone detects when it isn't connected to my home WiFi and automatically turns on the VPN service for all phone data; that's probably less common. I used to just leave it on all the time, but VPN over VPN seemed a little excessive.
It sounds like you were a victim of a DOS attack - not distributed, though. It could have just been done directly; what about it being through a VPN made it worse?
You had me until the "ethically sound position" part.
You're saying that Joe Blogger is acting unethically because he doesn't allow VPN users to visit his site. C'mon, brother.
You're saying targeting people who are taking steps to improve their privacy and security is ethical? Out do you just believe that there's no such thing as ethics in CIS?
You're putting words in my mouth. I didn't say that. Targeting sounds like specifically doing it with an agenda.
What you're saying the equivalent of being offended that you can't bring guns inside someone's private property because they don't want to, period. "It is not ethical that you forbid me from exercising my constitutional rights of bearing arms in your house. How dare you not allowing me to put my AK-47 in your kitchen counter!"
Nope. I said that if someone doesn't want to deal with VPN users because it's more hassle than worth (e.g. bots), then so be it. Joe Blogger may get 20 visitors a month instead of 24. Oh the horror!
I am a huge advocate of privacy laws. But if Joe Blogger doesn't allow me in his personal website, eh. I might try archive.org.
Hold on a tick.
Specifically blacklisting a group of users because of the technology they use is, by definition, "targeting", right? I mean, if not, what qualifies as "targeting" for you?
And, yeah. Posting a sign saying "No Nazi symbolism is allowed in this establishment" is - I would claim - targeting Nazis. Same as posting a sign, "no blacks allowed" - you're saying that's not targeting?
I know we're arguing definitions and have strayed from the original topic, but I think this is an important point to clarify, since you took specific objection to my use of it in that context; and because I'm being pedantic about it.
You may be right. I guess it's a matter of semantics. But the way you described it sounded more nefarious. "I'll target this group of VPN users because fuck them, I hope they all die in a tsunami!!!!" when it's more like "ugh, another VPN bot. The 9th this hour and I'm hungry. You know what - I'll just block VPN altogether and go fix me a sandwich." Maybe that's just my perception.
But anyway - it's Joe Blogger's machine, at his home, for him to do whatever he likes. Some rando from the street knocks on the door and says "excuse me, do you mind if I send an e-mail from your computer?" Joe Blogger can perfectly say no, not even an excuse is owed.
You'd have a point if it was a business or a corporation. Some home machine? Out of billions? Why bother?
I guess we're two pedantic folks. I enjoy these discussions. I sometimes gain some new knowledge out of them.
Oh. Yeah, I don't think they're being malicious; I just get frustrated with that sort of behavior. The primary DNS servers for usps.com, neakasa.com, and vitacost.com all block DNS queries from Mullvad's DNS servers, and one of them blocks all traffic from at least some of Mullvad's exit nodes. It means I have to waste time working around these blocks, because I'll be damned if I'm going to take down the house VPN just to visit their stupid sites. So, I hard-code DNS entries for them, and route traffic to the one through one of my VPSes. It's annoying, a waste of my time, and I'm just generally offended by the whiff of surveillance state about it, even when that's not the reason why they're doing it.
Really, it boils down to the fact that I'm offended by the presumption that their (not OP, but VPN-hostile companies in general) anti-spam or whatever they're trying to accomplish takes priority over my right to privacy. So, yeah; I generally have a bone to pick with any site that's hostile to VPNs.
I have no doubt at all that you're right. And, they have no obligation to accommodate me (which I think is not true for companies I'm trying to do business with).
I'm just uppity about the topic, is all.
I'll happily have a cordial disagreement with anyone arguing in good faith. It's echo-ey enough, and these are good conversations.
By the way, Mullvad rocks!
I completely understand your position and yes, organizations blocking VPN traffic is some major bullshit.
Like apps that ask for your location when they can perfectly function without it. Don't provide me with a "Never ask me again" checkbox? Fine, I'll play this game every time. Stop working because now you demand location? A stupid game app? Uninstalled.
It's a minimalist private blog that sets no 3rd party cookies and loads no 3rd party resources. I presume that alleviates your concerns? 😜
That's not what I'm complaining about. I'm unable to access the site because they're blocking anyone coming through a VPN. I would need to lower my security and turn off my VPN to read their blog. That's my issue.
The admin could use a CDN and not worry about it, if it's just static content.
I believe using a CDN would defeat the author's goal of not being reliant on third-party service providers.