💾 Archived View for bbs.geminispace.org › s › Gemini › 16276 captured on 2024-08-25 at 10:28:54. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2024-08-18)
-=-=-=-=-=-=-
Hello friend
I know gemini use the limited protocol itself to protect the privacy of the client, but what about the host?
How do you protect your own privacy when you hosting a site? or do you not worry about exposing your information (like your IP or your email or anything people can get from your domain name) on the net?
If you think it is not a concern, I would love to hear your reasoning. Maybe I am just overthinking?
And if it does bother you, please share some tip for how to better protect yourself as gemini site host
Thank you
Apr 21 · 4 months ago
TLDs like .org require a contact address, but there are services that provide a proxy address to hide yours, they cost a handful of dollars per year. Highly recommend, you don't want your home address in there.
You have to expose an IP address if you are self hosting. I don't think this is particularly a problem, any machine connected to the internet will anyway be scanned for vulnerable services. These days that usually means a router, so take care with port forwarding.
I use nearlyfreespeech.net for hosting and domains, they offer the privacy service and email forwarding, I wrote on my capsule about how awesome they are :)
You could host an anonymous capsule, with Windows, if you visit with Tor Browser https://portal.mozz.us/gemini/cities.yesterweb.org/ and register there. With Tallow.exe run later and with WinSCP you can manage your capsule anonymously then, without using Tor Browser.
It depends on how you define privacy. If you are running a server of any kind on the internet you have exposures of all sorts. There is nothing particularly private about Gemini, except that no one gives a flying hoot about it.
I didn’t want to expose my home IP so I bought a cheap starter level $1 VPS, that runs an nginx reverse proxy. The VPS connects to my home server via TailScale (which is basically Wireguard VPN with extra benefits). The local server listens on the machine’s Tailscale IP; nginx forwards traffic on port 1965 to that tailscale IP. To me this is good enough.