this post was submitted on 09 Jul 2025

26 points (100.0% liked)

technology

23872 readers

216 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.

founded 5 years ago

MODERATORS

context@hexbear.net

EmmaGoldman@hexbear.net

SexUnderSocialism@hexbear.net

gaycomputeruser@hexbear.net

ZoomeristLeninist@hexbear.net

Cheap Web Hosting/Design? (hexbear.net)

submitted 4 days ago by LeninsBeard@hexbear.net to c/technology@hexbear.net

12 comments fedilink hide all child comments

I am trying to get a local org I am in set up with a domain and website just to have a place to point people for everything. We would like to keep it as cheap as possible. I figure we need the following:

-Domain name (going to use namecheap probably)

-VPS host (I haven't done this before, it looks like racknerd may be way to go?). I assume I will probably only need 1GB of memory as it will just be a static webserver but that may be too little, not 100% sure.

-Email host. This is one of two real reasons I want to own the domain, we have multiple uses for email but currently everything is under one gmail address and a lot gets lost in the clutter. A few people in our org would like to stick with gmail but I am open to other suggestions. Definitely do not want to deal with self hosting on this.

-Website builder. I plan to use an Ubuntu server with the LEMP stack on the VPS, should I just use Wordpress? I am definitely not experienced in website building so it's not realistic to do my own HTTP. My only concern is using Wordpress will result in a poorly optimized site that may strain my limited resources, but there are also a few people in our org that have experience with it so that would help.

While I have a decent amount of tech experience generally, these are mostly uncharted waters for me. I know this comes across as kind of half baked, but really I am just looking for general advice!

top 12 comments

sorted by: hot top controversial new old

[–] PorkrollPosadist@hexbear.net 10 points 4 days ago* (last edited 4 days ago) (1 children)

VPS host (I haven't done this before, it looks like racknerd may be way to go?). I assume I will probably only need 1GB of memory as it will just be a static webserver but that may be too little, not 100% sure.

Never heard of this ISP, but 1GB will be plenty for a static website, or a rather light-weight web application like WordPress. Most VPS hosts allow you to upgrade your machine in-place, by adding additional memory, disk space, or CPUs (to a degree. At some point you will be forced to transition to a dedicated server, or to spread things like storage to a more specialized object storage host)

Email host. This is one of two real reasons I want to own the domain, we have multiple uses for email but currently everything is under one gmail address and a lot gets lost in the clutter. A few people in our org would like to stick with gmail but I am open to other suggestions. Definitely do not want to deal with self hosting on this.

Probably the right choice. I do self-host email, and with things like Mail-In-A-Box it is not awful to set-up, but it requires its own VPS (so you're paying anyway) and the IP ranges of VPS providers tend to rank poorly in heuristic counter-spam systems (because people's neglected / amateur shit routinely gets hacked and turned into spam bots).

If using email for organizing, custody and jurisdiction of the email server should be an important consideration. Anything is better than Google, but there are still shortcomings of hosting email on a VPS or a dedicated service (like, they could still receive a subpoena or search warrant without your knowledge, though they are less likely to be directly collaborating in dragnet surveillance or various classified "counter-terrorism" programs like Google or Microsoft). End-to-end encryption should be used for anything sensitive, regardless of who has custody of the physical server.

Website builder. I plan to use an Ubuntu server with the LEMP stack on the VPS, should I just use Wordpress? I am definitely not experienced in website building so it's not realistic to do my own HTTP. My only concern is using Wordpress will result in a poorly optimized site that may strain my limited resources, but there are also a few people in our org that have experience with it so that would help.

WordPress is okay, but it has a iffy reputation. It is a very popular web application, and is a popular target for exploits as a result. A lot of people set it up and never think about it again for months/years. Like any piece of web-facing software, you need to keep on top of updates and make sure it is not misconfigured. I have not hosted WordPress in a long time, but if you read the HTTP access logs on any VPS you will see dozens of bots probing and attempting to exploit WordPress installations (along with other popular web applications).

You can configure something like fail2ban to mitigate this noise somewhat. Along those lines, you also should exclusively use key-based SSH access. Disable password authentication completely and have fail2ban throw all the bots into the oubliette. If you're extra paranoid, you can use a smart card (like a YubiKey) to store your SSH secret, so it cannot be exfiltrated from your personal computer.

[–] LeninsBeard@hexbear.net 6 points 4 days ago (2 children)

This is great info, thanks! I deal a decent amount with regular server security so was already planning to do SSH access only.

We're pretty much only using email for contact with people outside the org so not super concerned about opsec on that front, but I agree with you that I would like to move off Google. Institutional inertia can be a motherfucker though so who knows. I'm also looking into self hosting an encrypted messaging app since we still just use WhatsApp but that seems like it's own whole project haha.

[–] PorkrollPosadist@hexbear.net 7 points 4 days ago* (last edited 4 days ago) (1 children)

A few years ago I'd recommend an un-federated Matrix server, but I'm not sure what that platform will look like in a few years. It lives and dies by New Vector LTD. At this point, I'd take a good look at XMPP with the OMEMO extension (a forward secrecy "double ratchet" algorithm similar to those used in Matrix and Signal).

Something like this could likely live in the headroom of a small webserver, though there are benefits to compartmentalization as well. If you use your DNS wisely, you could give something like this its own sub-domain, and eventually move it to its own server at some point in the future.

[–] hello_hello@hexbear.net 3 points 3 days ago (1 children)

+1 for XMPP, hosting an XMPP server is far less intensive than a matrix one and has the same security benefits with OMEMO (if a device's keys get compromised, previous messages can't be decrypted).

Matrix has some iffy history with its zionist past from an Israeli company it also collects tons of metadata and is more complicated to set up.

[–] PorkrollPosadist@hexbear.net 3 points 3 days ago* (last edited 3 days ago)

I ran a Synapse server (the Matrix "reference implementation") for about a year and for a thing used to allow five friends to communicate, it was an abomination. Incredibly heavy application ("They're calling it the Mastodon of instant messaging."). Nowadays at least there are some other options, but at the time Synapse was the ONLY viable implementation.

[–] hello_hello@hexbear.net 3 points 3 days ago

Whatsapp can be replaced by Signal at the very least. If you're in a whatsapp chat and somebody decides to use the report feature, your keys get sent to Facebook and the entire chat is decrypted.

Whatsapp also is a bigger vector for scammers and spammers while those have been extremely rare for me on Signal (like once or twice in a few years).

[–] blobjim@hexbear.net 8 points 4 days ago* (last edited 3 days ago)

porkbun is another domain name purchasing service you can look at. And cloud providers (like Alibaba Cloud) often have their own as well (of course you can't get any domain through any service).

There are ways to host a simple static website basically for free, without running a dedicated server or dealing with web server complexity, using a service like Codeberg Pages (https://docs.codeberg.org/codeberg-pages/using-custom-domain). It's somewhat technical. You have less control over it of course, but it's probably a lot less of a maintenance burden than Wordpress or any other software that requires its own server. Not much needed to secure it. Probably a lot of peace of mind compared to have a server running 24/7 that you have to basically be on-call for. You can also use basically any cloud provider for static site hosting, for example https://www.alibabacloud.com/help/en/oss/configure-static-website-hosting . Digital Ocean also has static site hosting https://docs.digitalocean.com/products/app-platform/how-to/manage-static-sites/

I wonder about email hosting too. I think any third party email hosting provider is probably a rip-off because they usually charge by the user (Alibaba Mail is $4 per user). So if you have two users that's going to cost twice as much as a single user, even if the second user doesn't get used much. Maybe worth it if you only need a couple email address. But if you end up growing then you'll have to pay a lot more.

[–] Edie@hexbear.net 8 points 4 days ago (1 children)

Hosting an email server is a pain in the ass and the easiest solution is to make it someone else's problem.

[–] LeninsBeard@hexbear.net 5 points 4 days ago

When I first started my current job we had an on premises mail server. I have never been happier than the day we threw that thing in the trash.

[–] kota@hexbear.net 4 points 3 days ago* (last edited 3 days ago)

Pretty big fan of caddy for your actual web server / proxy. Nice clean and readable configs (far nicer than nginx or apache imo). Also it'll fetch your certificates automatically so you don't need to faff about with certbot. Seconding what hello_hello said about making a static site with hugo or similar. It'll be much faster and zero maintenance once you've made the site, but a bit more effort to develop. There's a good collection of themes if you're not interested in learning css+html, but it's not that hard either. Happy to point to some good resources.

1gb of ram is far more than you need for a static site. For wordpress it'll be probably "enough", but you can always allocate a swap file if it becomes a problem https://wiki.archlinux.org/title/Swap#Swap_file_creation

Feel free to dm me questions

[–] hello_hello@hexbear.net 4 points 3 days ago* (last edited 3 days ago)

For the website. If you just want to serve static content with no user input processing, you should use hugo, if blogging/newsletter is the most you'll realistically do. I'd advise this over WordPress since you won't have to worry about maintenance so much.

Hugo also allows for writing posts in markdown, which are accessible to anyone who has a program that edits a text file.

You might also want to look into things like Nextcloud for many different services, but that's if you're willing to scale up.

[–] unperson@hexbear.net 3 points 3 days ago

I liked migadu.com as an email server, although it's very small and doesn't always get through the Google spam filter. It's in switzerland which is a very good jurisdiction about privacy laws.