Hi everyone!

I’m looking into self-hosting, and I currently have dynamic DNS set up to point to my home IP.

My question: is it worth getting a dedicated IP through a VPN?

I’m pretty technically savvy, but when it comes to networking I lack practical experience. My thought is that pointing my domain to a dedicated IP and routing that traffic to my home IP would be safer - especially if I only allow traffic on certain ports from that IP. Just curious if that idea holds up in practice, or if it’s not worth the effort.

  • @[email protected]
    link
    fedilink
    English
    3
    edit-2
    8 months ago

    As long as whatever firewall rules you’re using is capable of resolving FQDNs then I don’t see an advantage of doing this. Maybe in the off chance that your IP changes, someone else gets the old IP and exploits it before the DDNS setup has a chance to update. I think that’s really unlikely.

    Edit: just to add to this, I do think static IPs are preferable to DDNS, just because it’s easier, but they also typically cost money.

          • @[email protected]
            link
            fedilink
            English
            18 months ago

            Because you’re not going to setup any rules pointed to a dynamic public IP address. Otherwise you’re going to be finding a way to change the rule every time the ip changes.

            The ddns automatically updates an A record with your public IP address any time it changes, so yeah the rules would use the fqdn for that A record.

                • @[email protected]
                  link
                  fedilink
                  English
                  18 months ago

                  I’m curious to know in which case is useful to know the public IP in a firewall rule because I’ve never used it.

                  • @[email protected]
                    link
                    fedilink
                    English
                    18 months ago

                    An access rule for instance. To say to allow all traffic or specific types of traffic from a public IP address. This could be if you wanted to allow access to some media server from your friends house or something.