You can either support it on the front end with a proper VPN like Wireguard, or support it on the back end with IDS, honeypots, advanced threat management, constant monitoring, mitigation, patch management, backup and restores, isolation, etc.
Isn’t there a middle ground with something like Cloudflare Tunnels or Tailscale Funnel? Those still expose your services to the internet outside of a VPN, but they require a lot less maintenance than you described.
Isn’t there a middle ground with something like Cloudflare Tunnels or Tailscale Funnel? Those still expose your services to the internet outside of a VPN, but they require a lot less maintenance than you described.