I self-host various applications and have been really happy with Wireguard. After watching just how hard my firewall gets hammered when I have any detectable open ports, I finally shut down everything else. The WG protocol is designed to be as silent as possible and doesn’t respond to remote traffic unless it receives the correct key. The open WG port is difficult to detect when the firewall is configured correctly.

If I want to connect to a device using SSH, HTTP, VNC or any other protocol it must first go through my WG tunnel. Running it on an OpenWRT router instead of a server means if the router is working, WG is working. It’s been rock solid. Using Tasker on Android I’ve set it up to automatically connect whenever I leave my house. It makes everything in my home instantly accessible no matter what I’m doing.

Another thing to consider is there’s no corporation involved with WG. So many companies have suddenly decided to start charging for “free for personal use” products and services it has IMO made anything involving an account worth avoiding…