This is what I do. I have a VPS that handles all the 443 traffic and then proxies it back to my home server on the correct port. I also just serve some things directly from the VPS since I have it already. It also works well to have a second box for things like uptime monitoring.
There is a lot of collaboration between the different instance admins in this regard. The lemmy.world admins have a matrix room that is chock full of other instance admins where they share bots that they find to help do things like find similar posters and set up filters to block things like spammy urls. The nice thing about it all is that I am not an admin, but because it is a public room, anybody can sit in there and see the discussion in real time. Compare that to corporate social media like reddit or facebook where there is zero transparency.