![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
starseerdrgnI'm not gonna sugarcoat this blog entry. It really needs to be spelled out line-for-line.
Some people out there think that it should be as easy as "installing an application on a desktop" to run a website or web server. And in truth…Yeah, if this were still the 1990s. However, things have changed drastically, and just simply plopping files on an FTP or Apache server isn't going to cut it anymore.
1. Running your own website is hard as hell
If you're running a website alone, and just as a hobby, it's such an important step to make sure you're complying with your own local laws, the laws of whatever region is hosting your website—or if you're hosting your own at home, the rules of your ISP—and the keeping rules set up for your own site.
If you're not hosting your own website, you're likely running through a hosting provider which limits bandwidth by the month. You've got to make sure you don't go over that limit. You'll also have to make sure rouge website crawlers for search engines don't completely slam your server (robots.txt helps with this).
2. Securing it is even more difficult
Security is the biggest constant pain you'll learn to live with as a website administrator. Any software you run for your website—whether it's Wordpress or some other blog tool, or a forum, or Mastodon…—will have to be kept up-to-date, whether that's through an automated system, or through manual installation. And security starts with setting up that software, since doing it wrong will leave your entire site wide open.
(Disclaimer: I'm not going to go into node.js and its package managers. There's a character limit on blog posts, and too many jokes I could make about the "security" of that whole piece of crap.)
There's also security that has to be done at the server level, such as making sure your passwords are strong, and maybe even ensuring that people can't get into your server from just any computer (ssh keypairs, or Kerberos authentication for Microsoft IIS). These are extremely important, unless you actively want your website hacked.
3. Properly maintaining it is a necessary chore
Keeping an eye on log files to make sure unwanted access isn't hitting yoru server, making sure your server isn't compromised and spewing out malware or being used to attack other people, making sure you're not filling up your disk space or using up your bandwidth... These are things that you have to do at least semi-daily to maintain your server and website. And you really do need to know how to do these things.
4. Knowing how it works in case you need to deal with a major problem
If something comes up that some random panel in your applications can't solve, you're going to need to know a bit about how everything works before you can solve that problem. Whether it's a rouge script that's simply eating up all of the system resources (Mediawiki…), or a corrupted database, or someone managed to sneak in a little script by uploading it through your Wordpress, this sort of stuff happens to people on a daily—if not hourly—basis.
These days, it's not like the 90s, when it was fairly straightforward to run your own server. People weren't actively looking to exploit or attack your site to make some money like they are now. You have to be careful, and know what you're doing, to stay safe out there, and to keep your site or server from being used as a weapon against others.
