disabling password login and use pubkey authentication will be safe enough?
Just make sure you actually disable password login. Simply enabling key doesn't disable password. So as long as the password is disabled then you're fine.
There’s more than a decade worth of banking, spending, and investment information in there.
That's the real reason I would self host something like a budget app. I don't want a company like Mint to have (and sell) my purchasing and financial history.
"self hosted budget management app". Can't you just install this type of app to your phone or pc? What's the purpose here, will you host it and access it from a browser? Or do you only want to backup its data to your server?
I don't want some third party having access to all of my transaction history and knowing what I spend and where.
I hope I don't sound stupid please enlighten me.
Your question isn't stupid. There is an important decision you need to make on "is the juice worth the squeeze." While you can selfhost a lot of stuff sometimes there's better reasons not to. Email is primary example that gets brought up a lot. Sure you CAN self host it, but for a lot of people on this sub it's not worth the effort required to do so.
Each person has to make that decision for each of the things they choose to self host. Budget apps are no different.
It's bots trying to brute force your SSH login. It happens all the time.
Just change SSH to key based only (disable password login) and move on.
In short cloudflare is both a DNS server and a reverse proxy. When you add a DNS record in there and mark it as proxy cloudflare will publish the DNS record but will instead give its own IP as the destination.
When a visitor enters your URL instead of getting your IP they will be given Cloudflare's IP. The visitor will then send their web request to Cloudflare. Cloudflare will then send that request to your actual IP.
That's the basic version. However, Cloudflare's position as a proxy gives it the ability to inspect and act on traffic as a WAF, blocking traffic that meetings the IDS/IPS rules.
It all comes down to "what are you trying to do."
Not everyone runs applications, so docker is not the answer to everything.
But if you only have 8Gb of RAM and are trying to run VMs then I'd advise you to go buy more RAM.
Cloudflare tunnels being unsafe for exposing your locally hosted services to the web
That's the pout of Cloudflare Tunnels. It's a reverse proxy.
Cloudflare Auth (zero trust) can lock down the tunnel so only certain people can access it.
I want to clarify something though. Cloudflare Tunnels IS SAFE. But if you choose to use it in a not safe way that's not the fault of the tunnel.
It's like putting on a bicycle helmet and then running on the freeway and wondering why your leg gets broken after getting hit by a car.
"but I was wearing my helmet" great, but that wasn't the point of the helmet.
RAM doesn't need to be divisible by 4. You can mix and match sizes of RAM it's just not advisable.
Jdownloader
Oh yeah, got rid of the damn thing within 30 minutes of registering but it was too late. I assume bots grab that info as soon as it's posted.
Probably got pushed to the larger system.
There's more than one entity that controls WHOIS information. Typically as soon as WHOIS information gets published it gets copied into a bunch of different registries so you have to contact them all and have them remove the information
Both. I have things that I host simply for fun, but most of my homelab is for experimentation.
I practice with different technologies so I can try to learn how they work.
I got 2x1000v/800w USPs for $145.
Some light strips to put in TM server rack for $9
A 24port patch panel and keystone Jacks for $35
A keyboard drawer for $50
And a rack mounted Fan for $100.
My 2024 New Years resolution is to make my server rack not look like a piece of shit.