That‘s normal. There are countless bot nets that scan every public available IP to hijack. Using fail2ban is already a good approach. I personally switched to crowdsec a while ago as it comes with a crowdsourced blacklist which will silence a lot of the common noise and only occasionally I get an Alarm about an IP address not already on the default list.

Depends on the support case you got. If it’s technical you have basically 24/7. I am in Germany but had once a hard drive failure in a server at 1am contacted technical support and it took about 30 minutes overall and the new drive was resilvering and the server back online. Takes a bit as the NOC needs to go to the data center and so on.

The problem is a lot of people here are beginners and have no real clue about network security. And opening a port is opening a door. If you have a bouncer that clears people beforehand then you can keep the door open. But you will still need to keep your bouncer trained so he can take care of people you don’t want. Same with software. Keep it updated and have security enhancements in place like 2FA and analysis tools like crowdsec or fail2ban. And the open port might not an issue at all.

But if you open a device like a NAS (cough QNAP cough) then you have a higher security risk.

TLDR; if you know what you are doing it might not have implications.

Moved on from compose ages ago. So should you.

As long as it is not reachable from any untrusted network like the Internet. It’s as safe as your home network is.

I run three piholes with gravity sync and have none of the problems you describe.

But pihole isn’t big magic it’s basically a dnsmasq with some management stuff around it. you could host a dnsmasq yourself and just fill the filter rules in the config file your self with ansible. The adliges are publicly available just get them with Ansible and parse them into a dnsmasq config template.

Here is an blog about it. https://alblue.bandlem.com/2020/05/using-dnsmasq.html

Sure you can. The question is what are the exact specs and what do you want to self-host?

I have two HP EliteDesk 800 Mini as a XCP-NG pool. Both with i5 6th gen only but with 64GB each and they run about 20 VMs distributed between both.

Sure they won’t be able to perform large language model tasks but for most self-hosted services they are more than powerful enough.

Keep dreaming little one. You leave traces as soon as you go online even when using Tor and supposedly no logging VPN. In a way those have to log something about you for billing reasons alone.

True anonymity and privacy is only offline possible.

I host my own VPN. All I need when I am out and about.

Simply put, yes. Its a widely used software so atleast you can trust that the software itself is secure and shouldnt cause you any problems

Windows is also widely used software an has vulnerabilites all the time. Because a software is used widely doesn't mean it's safe and secure.

Awareness of security and vulnerabilities.

Hosting anything is easy doing it secure is the hard part.