Why is it bad to host a website on your router?

Watch this thread
KillChrist
Badges: 0
Rep:
? You'll earn badges for being active around the site. Rep gems come when your posts are rated by other community members.
#1
Report Thread starter 5 years ago
#1
So I opened port 80 on router at home and downloaded Apache then changed its configuration to make a public website. I told an instructor at uni this and she gave me a funny look and said I'm letting the whole world in by doing that, or something along those lines.

So what exactly are the security flaws in doing this?
0
reply
Dez
Badges: 20
Rep:
? You'll earn badges for being active around the site. Rep gems come when your posts are rated by other community members.
#2
Report 5 years ago
#2
At worst, you're opening yourself up to a Denial of Service attack. If the machine you're serving data from had a security flaw it's possible an attacker could exploit it, but Apache is generally very robust so this isn't particularly likely to happen. Unless the website itself is insecure, but that's a whole different can of worms.

Thing is, there are many sites that offer free basic web hosting. Serving the content yourself generally isn't a very practical idea, especially since it means you need to keep a computer running 24/7 - that's a lot of electricity and machine wear costs to consider.
1
reply
Freiya1986
Badges: 4
Rep:
? You'll earn badges for being active around the site. Rep gems come when your posts are rated by other community members.
#3
Report 5 years ago
#3
If you're going to host it in your own better make sure that you set up your host propery do some server hardening on your machine install firewall protection, proper user previlleges *linux users*, keep your system up to date, for the sake of ddos attack mitigate it with cloudflare and install a https. For the question what are the security flaws in, just search for those that I mentioned above if those are not setup in the server. And last even how secured your box if your website has a flaw for xss attack, sql injection, mitm(man in the middle) then your server will still be comprimised but if the user permission is installed correct it will be lessesn, so i suggest to use a framework in developing your site.

Well, If the site is that important why create in-house server? Maintaning it is really costly there's a lot of cheap cloud server out there amazon(1 yr free trial using CC), digitalocean $5 a month, linode and many more. They had their best engineers so you don't need to worry about the hard stuff .
0
reply
X

Quick Reply

Attached files
Write a reply...
Reply
new posts
Back
to top
Latest

Were exams easier or harder than you expected?

Easier (52)
26.4%
As I expected (65)
32.99%
Harder (72)
36.55%
Something else (tell us in the thread) (8)
4.06%

Watched Threads

View All