Well, I'm probably nuts, but I have been running a server in my house for about 14 years. I have an elecronics manufacturing business, and sell
stuff online throughout the world. It is a one man shop, so I have to do everything. I run a Linux system as the firewall, web server, email server,
FTP server, primary domain name server, etc. I use an open source web store package that unfortunately has pretty much stopped development. I used to use both PayPal and Authorize.net as my payment processors, but Authorize.net changed their encryption scheme, and the store doesn't support that, so now I'm just with PayPal.
You really need static IP for a server. That requires a business account with most ISP's.
The hardest thing to set up was the DNS, there just wasn't a whole lot of docs on how to create the files.
Our electricity is insanely reliable, I don't have a UPS and the system has been running 216 days, even with hackers constantly trying to break in.
I do use a few special things to help:
1. There is only one net-accessible account on the machine, with a crazy 14-character password.
2. I run denyhosts with very tight limits. If a specific IP address has 3 login failures over 2 weeks, they are put in the hosts.deny list for 6 months, essentially making my machine disappear to them. The botnets keep track of the "horizon" of this blocking. Exactly 2 weeks to the hour after I put this in, my attacks dropped from 1000+/day to 3/day! So, the botnets are coordinating their attacks. Scary!
3. I set up a cron script to check daily for any altered files on the system. Just in case somebody DOES get in, I will at least get warned.
Jon