I would like to access to my server only trough the proxy, like if I put my real IP I end up with nothing, but if I put the proxy IP it show me my server
Most people are under the impression that their IP being public is somehow super dangerous, and that “hackers will attack me” if it ever gets out. So likely “all the attacks against my entire network.”
Edit: Secondary thought, they legitimately have unsecured endpoints on their IP, and are hoping no one will notice if they aren’t handing out their IP to others. Still incorrect though.
If I want to host my services to the internet, I need to open a port in my firewall nah? is that not a bit risky than only allow access from the address of the data center to use this open port?
Well, if you use the CloudFlare WAF with login protection (available in the free tier), you’re pretty much safe since the connection doesn’t arrive at your server if you don’t authenticate in CF first (with Gmail, Microsoft, OTP, etc.)
@foremanguy92_@lemmy.ml
Honestly, if it’s just a small, personal project, just use common sense and take some basic precautions (e.g. use a firewall, use NGINX instead of serving Wordpress directly, etc.).
Note that CloudFlare doesn’t protect you from everything either - it only provides some very specific services. A rudimentary level of caching images being the most common one a free account level would be able to use.
Setup a VPN on a VPS. Use traefik and authelia. Authelia will be your authentication portal and traefik will tunnel the traffic from the auth portal to configd locations within the VPN. Get your home network on that VPN.
I would like to access to my server only trough the proxy, like if I put my real IP I end up with nothing, but if I put the proxy IP it show me my server
Removed by mod
Simply to protect my home server from attacks, and serve the content only with the remote server in a datacenter
Removed by mod
You’re asking excellent and very relevant questions.
OP, take heed.
Most people are under the impression that their IP being public is somehow super dangerous, and that “hackers will attack me” if it ever gets out. So likely “all the attacks against my entire network.”
Edit: Secondary thought, they legitimately have unsecured endpoints on their IP, and are hoping no one will notice if they aren’t handing out their IP to others. Still incorrect though.
Some ISP don’t rotate IPs so it can end up pinpointing your house very precisely.
If I want to host my services to the internet, I need to open a port in my firewall nah? is that not a bit risky than only allow access from the address of the data center to use this open port?
Removed by mod
Well, if you use the CloudFlare WAF with login protection (available in the free tier), you’re pretty much safe since the connection doesn’t arrive at your server if you don’t authenticate in CF first (with Gmail, Microsoft, OTP, etc.) @foremanguy92_@lemmy.ml
Honestly, if it’s just a small, personal project, just use common sense and take some basic precautions (e.g. use a firewall, use NGINX instead of serving Wordpress directly, etc.).
Note that CloudFlare doesn’t protect you from everything either - it only provides some very specific services. A rudimentary level of caching images being the most common one a free account level would be able to use.
Setup a VPN on a VPS. Use traefik and authelia. Authelia will be your authentication portal and traefik will tunnel the traffic from the auth portal to configd locations within the VPN. Get your home network on that VPN.
Choose VPS provider based on geographic location.