$10/year gets you what you need from Purelymail. https://purelymail.com I have used them for the last year or so and the service is fast and near real time with messages hitting my inbox (I use Thunderbird to download my mail).
I use this:
Timekpr-NExT (It’s stylized as this way) Here’s a decent write up of it:
https://itsfoss.com/timekpr-next/
And the source I think: https://mjasnik.gitlab.io/timekpr-next/
Here’s our household need for it and I think most people will not like it, but it’s what works for us. I have a special needs adult step daughter which has a TBI from a major traumatic auto accident at the age of 2. For most people who see her, she passes as high functioning but that is on the outside. As a result of the accident and brain injury at age 2, In real life, she has problems with the concept of time and time management. She also lacks the executive functioning that most adults have such as the correct decisions in life to make, just to name a few. Having this on her system (Arch Linux) allows us to at least limit the screen time which is what we were wanting. As for filtering NSFW stuff. She’s extremely turned off by the thought of people being intimate so, we are pretty comfortable with unfiltered internet. (I also run a DNS server in which if needed can filter traffic).
Another person mentioned using SELinux - this reminded me of using OpenSuSE - that distro is very tuned toward adminstrative access for even basic things such as modifying the network (Well…at least basic for me LOL ) . I think of it is as an ideal OS for small organizations with a single IT person on staff.
What I do is this - and some may frown upon it because well…Cloudflare! But I use Cloudflare’s tunnels to access my remote instances for my password manager, Home Assistant and a SSH shell. All of which are behind passwords and 2FA. I then have only one port open on my router, that’s for my wireguard instance. I access it using my ddns and can be on my home network from anywhere.
I’d move away from the tunnels and push everything through WG, but my family is not as savvy as I am and don’t always activate the tunnel when away from home. I am putting a plan for that this weekend though. :)
Primary benefit of using a VPS:
Placing mission critical items there which you can not afford to have go down due to hardware failure Some of those items may be a DNS Server, uptime monitor, or VPN/Wireguard Tunnel.
They are usually quite fast, and will provide a STATIC IP which makes it easier to set your domain’s DNS resolver to, it never changes as long as you keep paying. :)
**Disadvantage of VPS: **
Who says they don’t log into your VPS Instance and snoop around? I’m sure about 99.99% of VPS hosts will never do that and are ethical, and honestly, won’t really care to. At a moment’s notice, the VPS can close shop and take your data with them. (I had that once a few years ago). No warning was given and they went dark. Very aggravating. Fortunately, I had a fairly recent backup but still.
If you do go with a VPS, a place which supports KVM is a huge bonus! You can then install just about any host OS you want. Pivo is a good place for this and they are reasonably priced. They’ve been around since 1997 and I doubt they will go anywhere. Or you can spin up an instance at Linode and take advantage of some of the free trials they have (Jupiter broadcasting a podcast production company has something like $100 credit for them, so you can get your ‘feet wet’ testing things out.
My advice, if you go with a VPS, avoid eBay for hosting plans, and read reviews of the sites you are considering. Trust pilot and others are often great resources.
**Benefits of your own hardware: ** You have everything on your server, you know where everything is and can have the peace of mind knowing it’s there and not looked at by anyone but you or those you trust.
Disadvantages of your own hardware
If anything fails, you are responsible for repairing/replacing it, this can also mean some massive downtime depending on how long it takes.
Your hardware is limited by the resources you provide it, Memory, Disk Space etc. Your ISP may throttle your data and cap the usage as well.
I have MFA enabled on that account have had it there for years. :) (2FA + Webauth) Password already updated too. :) That email I know has been all over the dark web based on my monitoring alerts and know it’s been used. All of my important user accounts with that email were changed to a new one 6 or so months ago. I just forgot about this one and like I said, never really used it anyway. :)