Comment on Security considerations about hosting Immich from home
uuj8za@piefed.social 1 week ago
Definitely put it behind Netbird.
Also. I have a Jellyfin instance that I share with family, where I actually can’t put all of their client devices behind Netbird.
For that case, I used Netbird’s reverse proxy feature. So technically the Jellyfin instance is exposed to the public internet. HOWEVER, Netbird allows you to block or allow certain IP addresses. So while my Jellyfin instance is technically on the public internet, it’s only accessible from 1 specific public IP.
Otherwise, if you’re on the Netbird VPN, then the domain I have set resolves to the internal IP.
daniskarma@lemmy.dbzer0.com 1 week ago
I have that but with caddy.
On the caddyfile you can put to only serve the site to certain IPs and reject the others with any status normally 403 or 404.
Attackers probe the site, but all they get it’s a connection error.