@pho4cexa I've hosted services from home since 2010. Initially just a wiki, but later other things. The things I'm hosting are only for my own use, so random internet users can't create accounts.

I've not had any trouble with break-ins so far. This doesn't mean that my server is an impregnable fortress, but probably the security checks on it are above average which might make it difficult for an attacker to implant something without it being noticed. There are over 100 STIG tests which run daily. The firewall only allows communication on the expected ports. There is no icmp. Cipher settings are mostly from bettercrypto.org. Administration is via ssh, not via a web admin system, although that might change in future.

I expect that over the next 5-10 years things will get more hostile for self-hosters like me. In 2016 the UK created a new law legalizing government "equipment interference" of computer systems. Other governments have been passing similar laws in the aftermath of Snowden. So I'm expecting in future that I might be dealing with problems such as trying to keep the government out of my systems.