Yes, I agree. Security wise I also don’t see a benefit in hosting the reverse proxy externally. I believe a dynamic DNS provider with a low TTL for the DNS records should work as good or perhaps even better. Not better security wise, but simpler setup, more reliable.
stulli
Ausversehen meinen Namen auf feddit gesetzt, aber zu faul einen neuen Account zu erstellen
- 0 Posts
- 3 Comments
Joined 1 year ago
Cake day: June 17th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
I don’t like opening ports on my home router, because of the destination services behind the port forwarding. As long as those are secure there are no problems. But if a service has a vulnerability, someone could takeover my home network and creep around. That’s scary.
When people use Cloudflare Tunnels to publish their stuff, they usually still have that problem. The idea is that Cloudflare is intrinsically safe and would block all attacks. I don’t necessarily agree with that. But I assume it’s safer than having no security layer between at all.
I haven’t tried it yet, but saved this to take a look at some point: https://github.com/gutmensch/docker-dmarc-report