Comment on Jellyfin over the internet
EncryptKeeper@lemmy.world 2 months agoNot so much a fight as an exercise in futility lol
Comment on Jellyfin over the internet
EncryptKeeper@lemmy.world 2 months agoNot so much a fight as an exercise in futility lol
dbtng@eviltoast.org 2 months ago
Well, I might as well put a dog in the fight. I’m considering my final, actually secure deployment of nextcloud.
This discussion has convinced me that a vpn is the only answer.
And almost everyone says wireguard.
K. Thats what I will build.
EncryptKeeper@lemmy.world 2 months ago
It’s not the only answer, but it’s the one that will get you the most secure with the least amount of effort.
dbtng@eviltoast.org 2 months ago
Ya. I understand VPN.
Nailing down a web server tho … there’s so many ways to attack. There’s so many things to secure. And its a bit complex to manage all that.
The nextcloud site covers hardening the server, but doesn’t even mention vpn.
I’ve been watching threads like this. I’m pretty convinced vpn is the answer.
EncryptKeeper@lemmy.world 2 months ago
Yeah Nextcloud won’t mention VPN for hardening because the assumption is you want it publicly accessible.
I have a number of things publicly accessible and there are a number of things I do to secure them. crowdsec monitoring and blocking, a reverse proxy with OIDC for authentication, a WAF in front of it all. But those are only for the things I have exposed because I want other people to use them. If it’s something just for me, I don’t bother with all that and just access it via VPN.