I live in the Netherlands too, but I’m certain this was an online service from the US. It’s definitely a minority of them but it happens nonetheless

That’s a good tip. Also: have your servers auto-update weekly. You will forget.

Caddy Reverse Proxy with Basic Auth for services which are critical like my 3d printer. Without auth for other services like my website or jellyfin and such. I use docker for everything so that’s another layer of safety for me.

I have port 443 open and use subdomains for most stuff. Some other ports for non-HTTP services but I don’t have any right now.

that service will keep working until the next billing day

You wish. I have had one too many services that cancel immediately upon request, even if you paid for the month 3 days ago.

I have an nginx reverse proxy with http auth, myself. It’s such battle tested software that I trust it fully

Yeah that’s what I have too. One of my servers is exposed with key auth and I just tunnel to other servers from there. A few MB egress is nothing compared with the amount of spam my webserver needs to deal with

It literally is. All premium options are a choice.

Ad removal lifetime is $20, Ultra (which brings extra features) is subscription based and a little more expensive.