I have several selfhosted services that I have been using for months, now I wish to access these while I am not at home. Likes of nextcloud, nocodb, wikijs and other media sharing self-hosted services
I would like to know what precautions should I take so no one knows that such a domain exists.
should I purchase a crazy numbered domain like 671341412312.com ? or should I go for .tk domains.
Would like to get some suggestions from this community on other aspects that I am missing.
You must log in or register to comment.
Use cloudflared and Cloudflare Zero Trust / Access. You tunnel your services to Cloudflare, who then secures them behind a 2FA wall. No traffic ever goes to anyone aside from you.
cloudflare / cloudflared. No ports exposed, static or dynamic ips do not matter.
For just yourself? Get a domain that you can actually remember and use and then set up a WireGuard server (I recommend the Linuxserver.io WireGuard image)
Use that to access your stuff
Do you have 1 thing you desparately need to be publicly accessible? VLAN the VM off so it’s on its own and put a reverse proxy in front of it with HTTPS (and ideally MFA if you need auth)
Out of curiosity. If someone is accessing self hosted services only from certain locations where ip addresses are known, is it a good idea to whitelist those ips in firewall and block external access for the rest?
Yep.
Couldn’t you just get a regular domain and use a firewall to prevent access, so only your IP address(s) are able to access it.
I’m currently doing this myself, however I have a VPN on my local network that allows me access to my self-hosted service remotely as if I was at home.
There are other things you can do with cloudflare that will lock the sites down with authentication, but VPN and firewall have worked pretty well for my use cases.