Are there any paid services for either Lemmy or Mastodon? Something where, given it is a subscription service, you would expect them to stick around long-term?
Are there any paid services for either Lemmy or Mastodon? Something where, given it is a subscription service, you would expect them to stick around long-term?
Exactly. I went one step further and decided not to use my admin account as my main. I don’t run around as root on servers so I try not to do that with apps. It’s easier with Lemmy because once it’s set up all the admin tasks hit my email.
I also wanted to avoid that vulnerability that hit Lemmy World a few weeks ago that was only possible because the server admin got their jwt stolen, which wouldn’t have been so impactful if they weren’t on the admin account.
I didn’t read the story about how exactly he lost the jwt, but is it still as big of an issue since 2fa was introduced?
I guess existing jwt hashes will bypass 2fa, but I’m not super worried since my instance has 3 users.
2fa was in at the time. IIRC the jwt was granted after 2fa so it didn’t matter.
You’ve got a point though, small instances aren’t gonna be nearly as useful as a giant one to threat actors. Assuming you don’t give them a reason to go after you specifically they wouldn’t have a reason to target such a tiny server.
Still though, I don’t need that shiny A next to my name so I’m good with how I have it set up.
You could really mess with people and use admin@ctrlaltelite.xyz but not have it as the admin account. hah. You host it at home or out “in the cloud”? Curious what others do.
I have a couple VPSes for my Tailscale exit nodes and one as an ingress/proxy for my selfhosted stuff at home. They’re all super cheap and have unmetered* network connections. Kubernetes on some PIs and Lenovo tinys support all my services at home.
I have this one on a Hetzner server that runs me like $6/mo. I’m not comfortable with the federated nature of things potentially putting CSAM or other illegal content on disk in my home.
I use tailscale so I can still hit my internal (at home) git repos and all that. The rest of my stuff is all hosted on an old gaming PC I turned into a Proxmox host that sits in my spare bedroom. Of those services, I only expose like 3 things to the outside world. Nextcloud being the main one. I don’t route it through my VPS, just proxy it through cloudflare.