Recent searches
Search options
Still researching various options for a new host (on a new domain) for my personal website. My needs are very modest (a ~1GB, totally static website), I just want a simple setup with a company that is trustworthy and will still be in business in 10+ years. Any recs?
@jplebreton Your own VPS, not managed hosting. On a respectable but cheap host.
@jplebreton Pure static with nothing but http(s) & ssh open can run for decades without OS updates.
This wouldn't be an issue with either high-isolation kernels or microkernels, of course, but we can't have nice things.
@lispi314 @dalias @jplebreton
openssl bugs also appear every once in a while
@Doomed_Daniel @lispi314 @jplebreton None affecting OpenSSH. The OpenSSH bugs of relevance are almost exclusively integration with junk like PAM. Unless I'm mistaken, in a reasonable single user or small server pubkey only config, OpenSSH from 20 years ago would be fine.
@dalias @lispi314 @jplebreton
maybe not openssh, but most probably whatever provides HTTPS
@Doomed_Daniel @lispi314 @jplebreton Oh. All those are weird cryptographic things relevant only with dynamic sites where you can control payloads. Not RCE, not relevant to static sites.
@dalias @lispi314 @jplebreton
Ok, I don't know enough about how the usual OpenSSL vulnerabilities can be exploited, so I'll take you word for it, as I think you know way more about this
@Doomed_Daniel @lispi314 @jplebreton Only recent RCE I found was CVE-2022-3602 which is client side validating malicious cert chains not relevant to static server.