I run 0807, a small self-hosted file host. Drop a file, get a short link, and choose when it disappears.
What it does:
- No account, no ads, no trackers
- Auto-delete by time (1 hour up to 30 days, or never) or after a set number of downloads
- Optional password protection on files and on text notes
- Files up to 20 GB, with 16 TB of storage behind it
- Reachable over Tor through an onion service
- Text notes with the same self-destruct and password options
- A few file types are blocked for safety (exe, bat, scripts, and similar)
PS: there is no end-to-end encryption, and that is deliberate. The server can read what is stored.
I want to be able to take illegal uploads down when they get reported, CSAM in particular.
End-to-end encryption would make the server blind to its own contents, which is great for privacy but would also stop me from acting on those reports.
If you need real secrecy, encrypt the file before you upload it. The password option is there for casual privacy (not as protection from me or from whoever might get into the server.)
The code is open, and I host it the same way I host the files, on my own server instead of HERE .
You can read it, propose a change, or open an issue there, no account needed
Happy to answer questions about the setup or take feedback.
I want to be able to take illegal uploads down when they get reported
never underestimate how fucked up the internet can be, and how quickly they can ruin things.
For filehosts probably at least 90% of all uploads are illegal if you ask a copyright lawyer. 🥴 But that’s mostly just people sharing culture.
Of course damn CSAM is a different (and actual) kind of issue and plain awful to deal with. If I remember correctly some organisation from the US provides a free list of checksums of known crap that’s circulating to automatically check media file signatures against, I think that’s the first thing I’d look for to have some baseline defense against those disgusting fucks. Or (depending on your jurisdiction) even be compatible with the law for public hosting services.
Better use Tor & a trustworthy search engine when looking for infos how to implement such an upload filter, I wouldn’t trust automated systems from Google to not misinterpret your intention with these topics.
Doesn’t allow exe files
Introducing my totally real image called calc.jpg that is totally not a pe file with a different extension!
Anyway, prepare to have your file hoster be used to host malware payloads
I was thinking surely it doesn’t just look at the extension and instead uses the mime type at the backend… After looking for a minute (on mobile) I think thats what it does.
process.env.BLOCKED_EXT === undefined ? ‘exe,bat,cmd,com,scr,msi,vbs,ps1,sh,jar’ : process.env.BLOCKED_EXT)
Is the name of the service a reference to anything?
What happens if you run out of space because of too many uploads that are set to never expire?
(Also it’s neat! Thanks!)
Hey, hey, hey! Welcome back @0807.! You’ve made some changes, polished it up a bit, made it selfhostable. Awesome! I could see this being used ‘inhouse’. I’m wouldn’t be comfortable exposing this to the general public tho, for obvious reasons. The internet can be a very beneficial tool, but at the same time be a filthy, rotten, cespool. I’d rather not get dirty. I have bookmarked the source files at https://src.0807.st/, and dropped it in my projects folder. Thanks again for sharing your project.
Thank you for making this!
Do you keep in touch with the other folks who run cool filehosts? The only other one i know like this is catbox, but it is a similar vibe.







