Yes, networking and sysadmin are hard, because the Internet is a much more hostile place than it was 20 years ago and the consequences for getting things wrong are much more severe. Early 2000s, ISPs had ports open by default and getting a static IP-address was a question of just asking. With dyndns, we were hosting websites off home computers. I remember a comment on HN saying that some US university provided publicly routable static IPs to dorm room port. Not even sure I could get a static IP-address nowadays as a home consumer, never mention the willingness to host something that is not behind a WAF.
And when you got things wrong back in the day, you came home from school, saw a very weirdly behaving computer, grumbled and reinstalled the OS. Nowadays it is a very different story with potentially very severe consequences.
And this is just about getting things wrong at home, in corporate environment it is 100x more annoying. In corporate, anyway you spend 80% of the development time figuring out how to do things and then 20% on actual work, nobody will have the time to teach themselves something out of their domain.
I'm hosting from my home with a static ipv4 right now. It's been running for years without a single problem. I just put in a basic pf config. Everything is fine. It's not that scary.
I've hosted stuff at home for almost 30 years, never bothered with a WAF. I have several VMs exposed with public IPs. If you keep your OS updated, it's hardly the end of the world. Sure, if you put up an unpatched OS from 10 years ago, you're going to have problems.
I have 2gbps at home and open ports and IPv6. It’s a dynamic IP but it changes maybe once a year. I could host a site here, sure. It’s infinitely better than it was 20 years ago.
OSes are more secure. Isolation is better. Languages are better. Hardware is vastly cheaper and faster and more reliable. Everything is easier and faster and better.
In the corp world we have this absurd embarrassment of riches. There are like ten choices in every category. Half of it is free. It’s easier to set up and run than it was back then. Way easier. Hosting is silly cheap if you compare cost / performance.
People are just incurious and brainwashed with this weird sense of helplessness.
This security phobia is so overblown if you take some basic precautions and don’t run crap service software.
If I were hosting something controversial that might draw the ire of one of the insane political cults out there I’d run it through a free CDN maybe. That’s easy.
It doesn't matter how easy something is to set up and run from technology side if actually being able to set it up and run it takes half a year or more coordination calendar time, justification to several different departments, their review and approval. It's completely understandable, regulations and audit requirements are what they are: but then it is strange to read that modern developers somehow are paralyzed with terror. Well, the ones who were willing to try new things got shitcanned long time ago, this is the people who you have.
Isn't it anyway better for admin and security folks to have developers not get any ideas and stick to the bounds of the box?
And when you got things wrong back in the day, you came home from school, saw a very weirdly behaving computer, grumbled and reinstalled the OS. Nowadays it is a very different story with potentially very severe consequences.
And this is just about getting things wrong at home, in corporate environment it is 100x more annoying. In corporate, anyway you spend 80% of the development time figuring out how to do things and then 20% on actual work, nobody will have the time to teach themselves something out of their domain.