Self-Hosted Main

502 readers

1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

Service: Dropbox - Alternative: Nextcloud
Service: Google Reader - Alternative: Tiny Tiny RSS
Service: Blogger - Alternative: WordPress

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

Awesome-Selfhosted List of Software
Awesome-Sysadmin List of Software

founded 1 year ago

MODERATORS

[email protected]

Cloudflare Tunnel Safer Now? (alien.top)

submitted 11 months ago by [email protected] to c/[email protected]

15 comments fedilink hide all child comments

I've seen a post on here before about Cloudflare tunnels being unsafe for exposing your locally hosted services to the web which I totally get.

However I'm a bit of a noob with complex VPN set ups and I tried to get Wireguard working in Docker but couldn't. I got a tunnel configured and exchanged all the peer keys and things but I think my initial networking docker-compose stack was incorrect possibly. Also the windows client for it is a bit ugly but that's by the by.

I've also used Tailscale in the past which is great but it feels like a temporary solution to me as you still have to remember ports and things (there may be a way around that if I remember correctly but I'd rather stay away from Tailscale. I prefer having control myself or through my domain name - probably illogical I know).

Instead I decided to try to protect the Cloudflare tunnel to my home network and I've made a policy in Cloudflare Access that won't let you in without emailing you a code (only my email address works) and having you enter it. I'd also rather adjust that to my 2FA app but I can't seem to get that to work here.

My question is: is that secure enough? And if not, what would you all suggest as an alternative (preferably an alternative that is pretty easy and means I can use my domain name)?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 11 months ago (1 children)

Cloudflare tunnels being unsafe for exposing your locally hosted services to the web

That's the pout of Cloudflare Tunnels. It's a reverse proxy.

Cloudflare Auth (zero trust) can lock down the tunnel so only certain people can access it.

I want to clarify something though. Cloudflare Tunnels IS SAFE. But if you choose to use it in a not safe way that's not the fault of the tunnel.

It's like putting on a bicycle helmet and then running on the freeway and wondering why your leg gets broken after getting hit by a car.

"but I was wearing my helmet" great, but that wasn't the point of the helmet.

[–] [email protected] 1 points 11 months ago

Makes sense. I was assuming that the people who were saying it wasn't safe were including the access control methods in that too for some reason.