There is so many things wrong with this post…
You have become the classic case of knowing enough to be dangerous.
Please start by closing off port 80. Do not ever expose anything to the internet without proper security measures. You want to use https (so port 443) and you should consider if you really need to expose it at all. My guess is that your browser is not allowing plain http traffic since it is a security nightmare. (Someone could man in middle it and take control of your browser plus there is lots of information your browser sends to the server) If you still want a public server you can use caddy in a container on a preferably dedicated device. You don’t want to just run a service from your main device since if it gets exploited you are in trouble. httpd is not industry standard (although you can use it) so I would be careful about blindly trusting it. You want a multilayer defense with possibly some sort of rate limiting to stop bots from destroying it.
The bots are a much bigger threat than Lemmy