Self-Hosted Main

515 readers

1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

Service: Dropbox - Alternative: Nextcloud
Service: Google Reader - Alternative: Tiny Tiny RSS
Service: Blogger - Alternative: WordPress

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

Awesome-Selfhosted List of Software
Awesome-Sysadmin List of Software

founded 1 year ago

MODERATORS

communick@selfhosted.forum

Encrypted website (alien.top)

submitted 1 year ago by py2gb@alien.top to c/main@selfhosted.forum

14 comments fedilink hide all child comments

Hiya People!

I have, for some time, had a specific problem in mind. I cannot, for the life of me, think of a better group to tell me my idea is crap.

In any case, I have a personal knowledge base I host facing the internet on a VPS. It is perfect for me, accessible, based on dokuwiki so its really easy to backup entire installation, the works. It is setup as a private wiki, so login is mandatory for viewing, editing, etc.

What I am looking for is mechanism for encrypting the data on the webserver when the user is not logged in. Under this scheme, the content of the server would be encrypted, only to be decrypted by the authorised password and encrypted again upon logout (or timeout).

Does this make sense? are there solutions like this out there?

I will attempt writing a plugin for dokuwiki, just wanted to make sure there is something out there that solves this problem in general.

Thank you!

you are viewing a single comment's thread
view the rest of the comments

[–] It_Might_Be_True@alien.top 3 points 1 year ago (4 children)

What you want is called client side encryption. Everything on the server cannot be read. Everything is encrypted until it is actually on the client computer.

Lucky for you there is already a plugin for that.

https://www.dokuwiki.org/plugin:dokucrypt2

[–] py2gb@alien.top 1 points 1 year ago (3 children)

Cheers! I actually use this for some encryption here and there. My thought was more along the lines of the entire content. Server side.

[–] mistersinicide@alien.top 1 points 1 year ago

I think this plugin is probably the best you're gonna get. It encrypts and decrypts on client side. So the data that is transmitted and stored in dokuwiki is already encrypted before it even hits the server, so data on server side at all times is encrypted. So even if an attacker gets access to the VPS, the data there is encrypted and they have no way of knowing what passphrase was used for the encryption as it not stored/configured on server side.

load more comments (2 replies)