Hello, I don’t have much experience in self-hosting, I’m buying a ProtonVPN subscription and would like to port forward. I have like no experience in self-hosting but a good amount in Linux. I’m planning on using Proxmox VE with a YunoHost VM. I already have a domain name from Njalla. I’m setting up a website for my computer store. I want it to have listings and payment options so they can check out there. I want my customer data to be secure. I don’t want it to have any JavaScript or nasty trackers. I want it to be FOSS. Any help is highly appreciated!
Wordpress 1,000%
I honestly don’t even know off the top of my head why you would use anything else (aside from some vague elitism connected to the large ecosystem of commercial crap which has tainted by association the open source core of it) – it combines FOSS + easy + powerful + popular. You will have to tiptoe around some amount of crapware in order to keep it pure OSS though.
WordPress shop maybe?
If you are accepting payments, you absolutely want to offload that to a third party payment processor, so that you don’t have to go through the hassle of doing PCI compliance.
I don’t want it to have any JavaScript
That’s not going to happen. I also don’t understand why you wouldn’t want JavaScript. All the concerns with it are about the times when you access a website by a proprietary software maker and encounter obfuscated and opaque code that you can only with great difficulty reconstruct what it does. But JavaScript “in the right hands”, like on a FOSS website, is perfectly fine and even required to make a webpage that can actually do something more than simply display text or images.
I feel like it was just a few months ago someone else was asking this very similar thing, including wanting to handle payment processing themselves as well.
Seriously OP, do not do payment processing on your own unless you already have experience with going through PCI compliance. And if you did, you would already have made the decision to off load it to an actual payment processer lmao
Don’t be a hero, offload payment processing to a third-party.
Second this wholeheartedly. There’s a reason businesses like Square space exist, and you will kill yourself trying to stay on top of things to stay up to date and secure.
For real. I handle PCI audits at work and at this point I’d pay somebody to do it for me.
Third. The first thing I mention when one of my clients asks anything about PCI is to offload as much card processing onto third parties as possible.
And if you have nothing in place yet, then 100% offloaded should be possible (with the possible exception of secure payment terminals if you need to process physical cards).
That said, it is still possible to use your own hosted WordPress storefront and offload the payment processing via tokenization or redirection. But a turnkey solution like Shopify might be better if you lack the experience.
Definitely use some sort of cloud server, I’d stay away from your VPN + port forwarding idea, it will only cause you issues. I heard good things about WooCommerce, it’s FOSS. You can’t get around JavaScript, it’s impossible to build a functioning online store without some kind of JS. WooCommerce doesn’t include trackers though, just the bare-minimum JavaScript that is required for the site to work.
You can’t get around JavaScript, it’s impossible to build a functioning online store without some kind of JS.
Well, sure you can. It will just be a pain to use for your users, especially when validation comes into play.
But a simple list with an “add to chart” button really won’t need any javascript.