Yeah, first try your ISP to see if you can get a dynamic or fixed IP instead. Check if their website/FAQ mentions dynamic IP or cgnat. They might outright reject it, or try to upgrade you to an extortionate business package though. I signed up for my service and checked the cgnat before signing up but they hadn’t got around to updating their website that they changed their policy. After the surprise of being behind cgnat and after screenshotting their own website, I complained and hit upgraded to a higher level package for free.

You can use tailscale to get around it, but then you need to install it on all devices and login. You can use cloudflare tunnels and think you can set it to not require login for some services. Both rely on third parties. Both are also safer than exposing directly to the public internet.

If you want full control, you have to rent a cheap vps and setup a tunnel between that and your home server, then use the public IP of the vps for your services. Wireguard is probably the best choice for VPN. You could try pangolin, which is an open source cloudflare tunnel so is more complicated than a VPN but also includes a reverse proxy.

In an ideal world this should be the case but I can’t afford to do this practically and my business is a service, based on UK laws and requirements, available to UK residents only. The website is for information only and nothing is new or interesting to anybody but a few potential clients, and if theyre looking at it on holiday, theres something wrong with them! Nobody is going to reach out based on my website from abroad and if they did, I would not trust them at all. They would reach out through personal contacts or linkedin. If the bots stop spamming my site or server, I can stop limiting it.

Another option to reduce (but not eliminate) this traffic is a country limit. In cloudflare you can set a manual security rule to do this. There are self hosted options too but harder to setup. It depends what country you are and where your users are based. My website is a business one so I only allow my own country (and if on holiday I might open that country if I need to check it’s working, although usually I just use a paid vpn back to my country so no need). You can also block specific countries. So many of my blocked requests are from USA, China, Russia etc

I didn’t know that, thanks for sharing

You could be behind CGNAT - I’m not sure the best way to tell but it could be the reason.

I would also highly recommend buying a cheap domain to use - it would be the price of a coffee per year but makes life so much easier and you don’t have to depend on duckdns. You can buy through cloudflare, porkbun or many other options which you can search for a good DDNS service to update them.

Removed by mod