Running website from home for one friend. Is it safe?

[h4rm0ny]

I have a fixed IP address and I want to provide a web-based service to a friend (JIRA and Confluence, basically) for their project. The alternatives for them are paying for Atlassian's Cloud based options ($20 per month) or running it on their little laptop. They're not very IT savvy and these products would involve them not only configuring the software but installing and managing the backend database and webserver as well. Not impossible, but a significant ask.

So as I have this software locally I thought about opening up a hole in my firewall and letting them connect to mine. I'm pretty sure I can do that but I'm not so certain about security of having the outside world able to peer into my home network. Any advice?

I've looked to see how cheaply I can get a server online that could run it but the prices are really high!

 

[meandu229]

Look intp using cloudflare to proxy the site, then you can set it up without anyone knowing your personal IP address as they will all get given a cloudflare IP. Should be available on the free tier.

 

[#Chri5#]

Is it really worth the agro to save 20 USD a month? What happens if your Internet connection goes down and your friend needs information from your server for a critical meeting?

 

[bremen1874]

What’s the friend’s project? Is this some short term educational thing?

 

[h4rm0ny]

Look intp using cloudflare to proxy the site, then you can set it up without anyone knowing your personal IP address as they will all get given a cloudflare IP. Should be available on the free tier.

Thanks. I'm not really worried about my friend knowing my IP address so much that my IP address is easily discoverable by others. We've pretty much run out of IPv4 addresses and I imagine every single one of them gets probed quite often automatically.

Is it really worth the agro to save 20 USD a month? What happens if your Internet connection goes down and your friend needs information from your server for a critical meeting?

It's not that critical. If it were for business I'd definitely go the hosted route but it's just personal stuff and if my Internet were down she could wait.

What’s the friend’s project? Is this some short term educational thing?

Pretty much. Self-learning and personal development over the next few years. She's not in IT but I use JIRA routinely and it seemed a natural fit for what she wanted. She'd be ignoring a lot of the features but I can take her through creating projects and tickets easily enough and she doesn't really have any other management tools to help her stay on top of this stuff. I already use it for my own needs so I just want to say "Here's an account on mine, have fun!".

 

[BigT]

If I were you I’d set it up in a VM like Virtualbox and then give it to her and set it up for her on her laptop and support her through Remote Desktop when she needs you. I assume you’ll license it using $10 server licenses.

Or set her up with server edition in AWS. Hosting costs will be tiny.

 

[inogen]

Yeah, I'd just use AWS.

 

[Buffalo2102]

I've run my own site and mail server from home for years without any issues. Run it in a VM, use https and check it with one of the many online site security checkers. You'll be fine IMO.

 

[Rainmaker]

she

Suddenly all becomes clear. Do you only have the one IPv4 address, or do you have a small block so that you could DMZ one of them? What's your network setup (edge router, firewall, host OS, software firewall etc)? Personally if it's just for the one person to use I'd set it up on a high port and use NAT to forward it from your edge router to the server; for example 1.2.3.4:7362 > 172.16.0.2:443. Run the server on BSD or Linux (inside a Docker or VM if needs be) with pf or netfilter running as appropriate, set to drop all except 443 and 80 (as required).

As Buffalo2102 says I've run servers on the internet for donkeys' years and never had an issue *touch wood*.

 

[Caged]

Put it in a Digitalocean droplet or on Lightsail if you want low and predictable costs.