I recently figured out reverse proxies and I have several apps that I want to expose for ease of use for family members. I have found Authelia and thought I could set that up as an extra protection against suspicious activity, but after thinking about it a bit more I realized that the apps I want to expose already have user accounts and passwords, so it would make things a bit more annoying when logging in. Plus, would Authelia even work if the user is using a phone app instead of the web browser?

What are your ways of keeping your servers safe from suspicious activity or even monitoring them for suspicious activity?

Before this post gets blasted with “just use a VPN”: yes, I already have WireGuard up and running, but trying to get family members who are technology illiterate set up with a VPN is a nightmare.

  • xardoniakB
    10 months ago

    I used to use Nginx Proxy Manager for exposing services but generally you end up exposing the login page for that particular app and you have a different login per app which is a pretty shitty solution for non-IT folk. I’ve tried to set up Authelia and other similar things and found them to be very annoying to set up / configure. Maybe I’m just an idiot though!

    I would suggest having a think about what you want to expose and whether there’s a better way (e.g. Overseerr instead of exposing Radarr/Sonarr).

    Cloudflare Tunnels are also great - they obfuscate your public IP and can have a login form in front of them. You provide a list of email addresses that can log in to Cloudflare and only those users can access the website. I have mine set up to auth through Google accounts for example but you can use GitHub, Office and I believe Discord. Not managing user accounts has been a life saver for me… You can also block access from outside of your country.