this post was submitted on 01 Feb 2024
45 points (95.9% liked)

Selfhosted

40183 readers
1255 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hello everybody! I just learned that I can get a free .eu.org domain, but I'm not sure I understand the domain creation process. Any of you has one?

I'm unsure what should I write in the "name server" section:

1000008693

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 21 points 9 months ago* (last edited 9 months ago) (3 children)

Please don't self-host DNS. It can be exploited and abused in many ways if you don't know what you're doing.

deSEC.io is free and fully featured.

bunny.net is technically $1/mo but you don't pay anything in months where the queries against their servers fall under a threshold. With a low use personal domain you can basically load up $10 worth of credit and coast on it for a year or more.

[–] [email protected] 7 points 9 months ago (1 children)

Please don't self-host DNS. It can be exploited and abused in many ways if you don't know what you're doing.

Seconded

One of these is DNS reflection, a type of amplification DDoS I found out about several years ago... You send a tiny packet to a DNS server requesting a domain with long records, but tell the DNS server to send the response to another address. Pretty interesting and amusing imo, but probably not if you're on the receiving end of one lol

[–] [email protected] 2 points 9 months ago (1 children)

Isn't that mainly a problem with recursive DNS servers? The authoritative servers are only aware of the few domains they're hosting.

[–] [email protected] 5 points 9 months ago* (last edited 9 months ago)

"If you do everything perfectly you won't have security problems."

But people make mistakes. Human error and misconfigured servers is the cause of many security flaws. Especially people asking "what should I provide for DNS on this domain registration form?"

DNS services are dirt cheap. Hosting yourself requires some knowledge to run security, and you need a static IP address to host one which many people don't have.

Best not to do it yourself.

[–] [email protected] 2 points 9 months ago (1 children)

Do either of the options you mentioned provide custom nameservers? As in, the ability for ns01.yourdomain.com to resolve to your account on their DNS servers?

[–] [email protected] 1 points 9 months ago

Do you mean NS records? Yes, they both let you add and edit them.