If you can use Wireguard that is probably a good solution but I would still prefer to have a cloud proxy in front of it because my network can not handle all the attacks and wouldn’t even notice some of them if you use just Wireguard.
I use CF Tunnels firstly because of all the protections and traffic analysis it does, and secondly, because even DDNS wouldn’t work on my network.
What attacks are you worried about when you open wireguard port?
It is a UDP port so attacks are limited, and changing the default port gives you even greater protection. So they cant even know you are running wireguard behind that port. (If someone is able to know then most likely it is your ISP lol)
Wireguard just works, you own everything and control everything.
Im struggling to find a reason to not use wireguard for security reasons which forces you to use cloudflare or tailscale, if wireguard is not secure enough for you then there are more things to worry about other than what tech to expose services with.
If you can use Wireguard that is probably a good solution but I would still prefer to have a cloud proxy in front of it because my network can not handle all the attacks and wouldn’t even notice some of them if you use just Wireguard.
I use CF Tunnels firstly because of all the protections and traffic analysis it does, and secondly, because even DDNS wouldn’t work on my network.
What attacks are you worried about when you open wireguard port?
It is a UDP port so attacks are limited, and changing the default port gives you even greater protection. So they cant even know you are running wireguard behind that port. (If someone is able to know then most likely it is your ISP lol)
Wireguard just works, you own everything and control everything.
Im struggling to find a reason to not use wireguard for security reasons which forces you to use cloudflare or tailscale, if wireguard is not secure enough for you then there are more things to worry about other than what tech to expose services with.