Comment on Security considerations about hosting Immich from home
androidul@lemmy.world 2 weeks ago
assuming that you’re to expose that to the Internet, my recommendation is to deploy only
- WAF solution, such as github.com/corazawaf/coraza-caddy
- bot blocker such as anubis.techaro.lol/docs/admin/environments/caddy
complicate the setup too much and it’s going to rather be more painful to maintain and also much easier to misconfigure.
The WAF covers OWASP Top 10 so that should give you around 70% protection which is still better than nothing