I use Alibaba Cloud DNS.
Cheap, Out of any worry of being taken down by the USA.
this post was submitted on 23 May 2025
21 points (100.0% liked)
technology
23766 readers
166 users here now
On the road to fully automated luxury gay space communism.
Spreading Linux propaganda since 2020
- Ways to run Microsoft/Adobe and more on Linux
- The Ultimate FOSS Guide For Android
- Great libre software on Windows
- Hey you, the lib still using Chrome. Read this post!
Rules:
- 1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
- 2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
- 3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
- 4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
- 5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
- 6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
- 7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.
founded 4 years ago
MODERATORS
Others already have good recommendations for the provider so I will add some other notes.
First, please note that with the way DNS works, your home IP will now be recognizable as "the IP this domain points to" so make sure the chain of networking devices are secure, starting at your router. At minimum make sure the router firmware is up to date. The only way to avoid this kind of thing is to have a VPS as an intermediary, essentially a tunnel, though there are fancy new ways of making tunnels more powerful, like self-hosting tailscale-like services. But that has its own security downside, which is trusting the VPS provider. I think a DNS entry for your own home IP is generally better in terms of security vs. time invested but the VPS can be made theoretically superior by being careful with cryptographic strategy.
Second, yes you can, generally speaking, forward external requests on a given port to a local network IP and port. This is a decent way to slightly obfuscate ssh. By default it is port 22, so instead of opening 22 externally, you make some high-number (like 55342) port externally route to a server on port 22 locally. When sshing externally you just specify the high number port. Your router firmware may limit how well this works.
Third, yes the IP changing can cause DNS problems. You can set up a dynamic DNS service that changes your DNS records if your router external IP changes. If you run router firmware like OpenWRT the router itself can run this service. But you can also run dynamic DNS on a local server and have it do the same thing. Using a provider with a good API like porkbun makes this easier.
porkbun is the one yeah. There are other options but they all kinda suck and so far I haven't seen anything bad with porkbun
don't use the big 3 cloud providers (aws, google, azure), they're ridiculously overpriced for what you need.
There are ways you could do it from your home internet connection, but it makes it slightly more complex especially if you want to be at all anonymous. Cloudflare, if you're cool with using them, does offer this capability I believe. But of course you'll be limited by the quality of your internet connection, stability of your power, and keeping your computer on at all times. But there's advantages too (you could have full disk encryption, cost is lower, you'll likely have a more powerful PC at home than the server you would rent, etc)
i used to use hetzner for server hosting and it was very affordable at the time but i eventually got IP banned for not paying my bills anyway
The DNS registrar Hexbear is using now is called: Porkbun
As for server hosting:
I use Digital Ocean for their most basic tier server, which costs me about $6 a month. However, I only use this server as a VPS (Virtual Privet Server) Gateway and Reverse Proxy. The server hosts a WireGuard VPN that connects back to a box I control that is stuck behind a CG-NAT. The VPS Gateway is necessary to pierce the CG-Nat and allow traffic to the box on the network I control.
On that box is where I host all the things I want to host. If you're not behind a CG-Nat then your network should have a public facing IP address that you can tie to a domain... However, I'd still recommend using some kind of VPS Tunnel, to not expose your ISP provided IP address to the world.
If your network gets a new IP address, you'll want some kind of DynDNS (Dynamic DNS) type service that can automatically update your DNS record with your new IP address. Though, again, if you're using a VPS Tunnel, then that shouldn't matter either, since your local machine will connect to your VPS as a VPN client, while your VPS acts as the VPN host.
I use porkbun for domain registration.
There are a bunch of budget cloud hosts: buyvm, vultr, linode, scaleway. You can also do port forwarding with cloudflare (but I'm not sure how it keeps track of your home IP).
I have a custom forwarding setup based on yggdrasil where my LAN machines connect to the forwarding host and each other, then the external traffic is routed over the VPN connection in the other direction. Its pretty nice, but I haven't taken the time to document it very well.
I haven't taken the time to document it very well
classic ops
There are some good server hosting options that allow Tor nodes here (also good for other uses): https://community.torproject.org/relay/community-resources/good-bad-isps/
I found 1984.hosting and bitfolk.com to be pretty reasonably priced.
I was considering using one of these to use as a WireGuard VPN to hide my IP at home when I self host at some point.