Comment on Uncomplicated firewall rule set for a *arr stack.
Kushan@lemmy.world 7 months agoThe guy above you gives great advice. Set up SWAG, then the only ports you’re exposing are 443.
Once you have that set up, look at adding something like authelia. This will give you 2FA on top of those apps meaning even if someone guesses the password and the URL to access them, they still won’t be able to.
dan@upvote.au 7 months ago
I used to use Authelia, but Authentik is nicer since it’s mostly configured through a web UI. It also supports SAML for services that don’t support OpenID Connect. It also has a proxy mode like Authelia, but that’s not recommended if the service has proper SSO support. There’s just a bit of an initial learning curve.
Kushan@lemmy.world 7 months ago
Yeah honestly either solution is a solid one