A few months ago I decided to self-host everything for my software house instead of paying for cloud infrastructure. Here’s what’s running on a Raspberry Pi 4B (4GB) at home:
Astro static site + nginx Full mail stack (Postfix + Dovecot + Roundcube) in Docker MariaDB with automated backups GoAccess analytics with custom Python bot/human separation Dynamic IP blocklist generated at every deploy Certbot managed on a separate Orange Pi Zero 3 (HAProxy + SSL termination)
The Orange Pi Zero 3 as a dedicated HAProxy node was the best €25 I spent — SSL overhead completely offloaded from the Pi, all subdomains routed through one config, clean network separation between “what faces the internet” and “what runs the services.” Storage: all boards boot from SSD via USB3. No SD cards in production. The ISP situation: Eolo wireless, 20Mbps down / 100Mbps upload. Yes, upload is 5x download. For a web server that’s actually ideal. Real stress test — June 22, 2026 A post on r/italy hit 20k views in 24 hours. Numbers that day:
555 human visitors (vs ~180 daily average) 151 unique IPs 72.2% return rate 9.98 MB bandwidth 0 downtime 0 errors in the mail stack
PageSpeed from Google’s infrastructure:
Desktop: Performance 100 / SEO 100 Mobile: Performance 97 / SEO 100
No CDN. No Cloudflare. No edge nodes. Just nginx on a Pi. The honest limitations:
Single point of failure — yes, if the Pi dies the site goes down Mail deliverability on residential ISP is hard (Brevo relay helps) No redundancy — we run backups, not replicas
All traffic data is live and public: stats.lake8.dev/geo.html Happy to answer questions on any part of the stack.
Last time I tried something like this my ISP cut me off by sending me an email after they cut me off about how if I am running a business website it has to be through their business plan not residential plan.
I never saw the email because they cut me off before I could ever view it.
I wasn’t even hosting a business site but it was for a wedding announcement and RSVP shit.
Little guys have a hard time these days.
What if you hid your traffic by using a wireguard VPN like mullvad as your exit node? Your ISP wouldn’t be privy to the services you host all they could see is that your using wireguard or a vpn
Not a ad but want to leave this here because I think it’s relevant. Najalla has a VPN service that is very unique, instead of giving you multiple exit points with different IPs and maybe 1 portforward they give you One static IP with full access to portforwarding for like 5€/Month
I am in no way affiliated with them but I am just a customers of thier service and enjoy it!
That’s brutal — and unfortunately very common. ISPs love the “you’re violating ToS” card, especially when they have a more expensive business plan to sell you. The irony is that most residential ToS are deliberately vague about what constitutes “running a business” — a wedding RSVP site is hardly a commercial operation, but it doesn’t matter when the ISP is the judge, jury and executioner. We’ve been lucky with Eolo so far — they haven’t flagged anything. Part of the reason is probably that our traffic profile looks residential (low inbound, spikes rather than constant load) and we’re not running anything that would show up as “suspicious” on their side. The asymmetry you’re describing is real though. A large company can host whatever they want on enterprise infrastructure. A small developer hosting a wedding site gets cut off without warning. Self-hosting is getting harder at the residential level precisely because ISPs have a financial incentive to make it harder. Hope you found a better solution eventually.
Was this a well known ISP or a local ISP That’s weird. Did they have a policy against that? Even when I didn’t have a business account with my ISP, they didn’t seem to care,
It was Comcast. Luckily I don’t have them anymore. Thank God for municipal fiber.