I’ve wanted to do this for a long time. My current ADHD hyperfixation is NodeBB, but I think my questions fit most anything that you want to be available to the general public and not just yourself and your friends.
Basically, I want to host a NodeBB instance intended for the general public out of my house. What are the risks of doing this? In particular, what are the risks of doling out a web address that points to my personal IP address? Is this even a good idea? Or should I just rent a VPS? This is 80% me wanting to improve my sysadmin skills, and 20% me wanting to create a community.
I have a DMZ in place. Hosts in the DMZ cannot reach the LAN, but LAN hosts can reach the DMZ. If necessary, I can make sure DMZ hosts can’t communicate with each other.
I have synchronous 1 Gb fiber internet. Based on the user traffic of similar forums, I don’t anticipate a crush of people.
I know the basics of how to set up a NodeBB instance, and I’ve successfully backed up and restored an instance on another machine.
I’m not 100% on things like HTTPS certs. I can paste a certbot command from a tutorial, that’s it.
Anything else I should know? Thanks!
EDIT:
I also have a domain, a couple of them, actually. They’re like potato chips; you can’t stop at just one.
I don’t plan on self-hosting email used for forum registration and announcements. I’m not a masochist.
Yeah, other countries have similar or even more strict requirements, so yeah it all depends on the jurisdiction. You have to also understand that just hosting something externally, doesn’t mean you don’t fall under laws of another country. It’s the internet. And if you live in a country, you may be held responsible for obeying their laws. I’m not a lawyer, so it’s something to be careful of even if externally hosted.
Somehow 4chan admins have largely escaped legal consequences for this stuff, and I don’t think it’s just because of sec230.
Not a fan of 4chan, but I do note both their and the pirate bay’s operation scheme.
I mean, in most cases this isn’t criminal law (in the US at least), so it means you have to attract enough attention of a corporation since they’re usually the only ones who can afford the legal costs to file the DMCA requests and responses for copyright violation. And with many other civil issues, often corporations with the money for it, don’t have standing to sue, and if they did, would be required to sue each individual in the appropriate jurisdiction.
With the removal of Section 230, these costs will go down significantly as a single user’s violation could be enough to bankrupt or shut down an entire site of violating content or, if serious criminal violations like child porn, put the person who hosts the site in prison who, will be much easier to identify and sue in a single jurisdiction or arrest than a random internet user.