Its always code forges and wikis that are effected by this because the scrapers spider down into every commit or edit in your entire history, then come back the next day and check every “page” again to see if any changed. Consider just blocking pages that are commit history at your reverse proxy.

I do exactly this, but it doesn’t protect your privacy. That one IP address is literally tied to your credit card number and you are the only person using it.

They will only apply it to retail VPNs. You think capitalists play by the same rules?

Small scale version. I heard from some kids that they wanted to play Roblox at school. IT had blocked it on the Wifi. The kids advice to each other was “go on the play store, search VPN, and install whatever one is free.” - IT absolutely isn’t making those kids safer.

They are only interested in retail, anonymizing VPNs. If you spin up your own VPN you are still 1:1 linked to that IP address. If you use a work VPN, they fully track everything. The anonymizing ones that dont track users and share an IP between many users are a threat to mass surveilance.

These laws tend to effect any company that does business in the state or country. Any commercial service or company wanting to make money from UK customers will be required to implement the VPN block for all their customers.

There are already (crappy) ip blocklists available specifically for retail VPN providers. They don’t include corporate vpn providers because capitalism. Anonymizing VPN services have limited IP blocks that are easily tracked.

Probably better to use them for their screen, firewalled off from everything except whatever is providing a dashboard or info display (e.g., homeassistant).

Your perspective aligns with a lot of self-hoisters who run things on rpi’s and such, but not the “home labbers”. Also, see the pubnix, tildeverse, smol web, indie web, and to some extent the retro computing communities. You are definitely not alone!

A device on your local lan is pretty accessible. Don’t open ports from the internet and be sure to back up important data. Something like homeassistant or pi-hole on a raspberry pi is very accessible. Remote access is where thing start getting tricky.

If you want to host something publicly, buy a $5 VPS and install a web server on it. Try hosting static websites. Don’t put anything sensitive on it and if something happens to it, you are out your 5 bucks for the month and learned a lesson.

Restic is great, and the de-duplication between snapshots is amazingly good. Same content in different files (e.g. tar files of linux systems) take very little space like magic). Backrest is a nice web frontend for it.

Note that you should use some retention features of your provider to manage the risk of ransomware deleting your backups.

Remember those people that used to brag they didn’t own a TV at every opportunity?

This comment prompted me to look for a picture of it. Nothing I can find, except in the background behind a baby picture of my now-in-university baby when I was apparently debugging the network connection:

There was a time when I had an old desktop packed full of spinning hard drives in my living room under a CRT television! Yes that works, but a NAS in the furnace room that is accessible from “smart TVs” and everyone’s mobile devices is pretty nice. No more fan noise either.

While true, neither backups nor checksums are exclusive to hosting anything.

Mainly just multi-device access.

I see that cosmos advertises running your apps on a vpn built-in. That might be worth looking into. When I switched to self-hosting everything on my “tailnet” and closed incoming ports, a lot of the nice features of Yunohost for maintaining DNS and certs for the various apps stopped being that useful. In this day and age, I think being able to self-host and experiment within a safe VPN environment instead of on the open internet is the way to go.

Hot take: For personal use, I see no value at all in “availability,” only data preservation. If a drive fails catastrophically and I lose a day waiting for a restore from backups, no one is going to fire me. No one is going to be held up in their job. It’s not enterprise.

However, redundancy doesn’t save you when a file is deleted, corrupted, ransom-wared or whatever. Your raid mirror will just copy the problem instantly. Snapshots and 3,2,1 backups are what are important to me because when personal data is lost, it’s lost forever.

I really do think a lot of hobbyists need to focus less on highly available redundancy and more on real backups. Both time and money are better spent on that.

To clarify that - cryptography (and hence VPNs) work, but OPSEC is hard. And, reading-between-the-lines, the user seems like a bit of a dolt.

Absolutely! I should have said both the dns and certificate are subdomain wildcards. Thanks for clarifying.