Self-Hosted Main

502 readers

4 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

Service: Dropbox - Alternative: Nextcloud
Service: Google Reader - Alternative: Tiny Tiny RSS
Service: Blogger - Alternative: WordPress

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

Awesome-Selfhosted List of Software
Awesome-Sysadmin List of Software

founded 1 year ago

MODERATORS

[email protected]

Security and exposing apps (alien.top)

submitted 10 months ago by [email protected] to c/[email protected]

8 comments fedilink hide all child comments

I recently figured out reverse proxies and I have several apps that I want to expose for ease of use for family members. I have found authelia and thought I could set that up as an extra protection against suspicions activity but after thinking about it a bit more I realized that the apps I want to expose already have user accounts and passwords so it would make things a bit more annoying when logging in. plus would authelia even work if the user is using a phone app instead of the web browser?

What are your ways of keeping your servers safe from suspicious activity or even monitoring them for suspicious activity ?

Before this post gets blasted with "just use a VPN" Yes I already have wireguard up and running but trying to get family members setup with a vpn that are technology illiterate is a nightmare

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 10 months ago

I used to use Nginx Proxy Manager for exposing services but generally you end up exposing the login page for that particular app and you have a different login per app which is a pretty shitty solution for non-IT folk. I've tried to set up Authelia and other similar things and found them to be very annoying to set up / configure. Maybe I'm just an idiot though!

I would suggest having a think about what you want to expose and whether there's a better way (eg overseerr instead of exposing radarr/sonarr)

CloudFlare tunnels are also great - they obfuscate your public IP and can have a login form in front of them. You provide a list of email addresses that can log in to Cloudflare and only those users can access the website. I have mine set up to auth through Google accounts for example but you can use GitHub, office and I believe Discord. Not managing user accounts has been a life saver for me... You can also block access from outside of your country.