And I would hope those websites are extremely low-risk and not anywhere near essential infrastructure or data ;)

I’m not sure who needs to hear this, but unless you work as a security engineer or in another security-focused tech field, you really shouldn’t be exposing your homelab to the open internet anyway

Most people access their homelabs via VPN - i don’t see anything here that’s a problem for that use-case.