Comment on [question] Help me access my local homeserver using a public domain name

• aaravchen@lemmy.zip ⁨4⁩ ⁨hours⁩ ago

  Yes, I did the DNS challenge as I mentioned in my OP and retrieved a wildcard certificate for all my local needs :)

  Saw that, I just wasn’t sure if you knew why it worked, which is why I mentioned it again. Glad you figured it out.

  source
• aaravchen@lemmy.zip ⁨4⁩ ⁨hours⁩ ago

  Ah, that’s why it’s not working with Firefox then too. Firefox comes with one of the secure DNS options turned on by default (DoH), which guarantees it will always reach a public DNS server and not get trapped into one from your home router, a cafe’s router, or your ISP. Since it knows the DNS will always be public, it also knows that the 192.168.10.20 address is not routable on the internet where it found it. S ome malicious sites can use a DNS record with a non-public IP address like this to get you to run JavaScript in your browser from the site you visited, to attack a device on your home network. So Firefox blocks that IP address from public DNS replies.

  Generally people will have a home router that allows them to have their own recursive DNS where they can insert their own records to things within their home network, and will disable the DoH or DoT (“secure DNS”) settings in their browsers as the way to do this. Putting the private IP in the Public DNS record doesn’t hurt though, it just might get stopped by various modern security protections is all.

  source

  • TheHobbyist@lemmy.zip ⁨4⁩ ⁨hours⁩ ago

    Since it knows the DNS will always be public, it also knows that the 192.168.10.20 address is not routable on the internet where it found it.

    That is in fact not it. I left the default firefox DNS setting. I simply enabled network.trr.allow-rfc1918 from within the about:config which allows the resolution of local IP addresses. It now works. All my DNS are public, I make no use of any private, local DNS.

    source