And then, because you were never in a classroom and never took a class on security, you probably have no idea what a buffer overflow attack is or how to use tools like valgrind to check for them.

Then you put your C code on the internet and get your server pwned inside of an hour.

Slightly hyperbolic? Yes definitely. But there is a reason we don’t teach C to beginners anymore. Generally you want them to understand the mindset of coding before throwing them in the deep end. And I would bet nothing has caused more people to quit programming then Segmentation fault: core dumped

Pick a popular online service with a public API and write some scripts that integrate with them. Learn by doing.

So long as you have robust data sanitization on the backend to prevent XSS and HTML injection attacks…

If you can get away with just using Markdown, you should definitely use that instead of full HTML.

You should definitely set up a DMARC record to prevent other people from using your email domain to send spam. If you don’t have DMARC configured, other email servers will give any senders the benefit of the doubt and accept mail that claims to be from your domain.

You can just set the DMARC record to reject 100% of unverified mail and call it a day. Since you aren’t sending anything it won’t affect you.