• 0 Posts
  • 6 Comments
Joined 2 years ago
cake
Cake day: June 30th, 2023

help-circle

  • accessed from the internet

    Accessed only by you and close family/friends who you are also hosting services for?
    Or accessed by anyone?

    “Accessed by anyone” carries more risk.

    “Accessed by users you host for”, the risks can be eliminated (well, other than risks from those users) by using a VPN. As in, only the people authorised to be on the VPN can access the services.
    Wireguard is the go-to these days.
    Tailscale is much easier and free for 3 users and 100 nodes.

    If it absolutely has to be “accessed by anyone” I would look into a “reverse proxy over VPN/tunnel” or just straight tunnel style approach like chisel (or crowbar, or corkscrew), rathole, frp, or cloudflare tunnels.

    Basically, don’t point a domain at your home public IP and don’t forward ports on your home router/firewall