More effort than I would consider. I’d just allow all traffic incoming on that port. I’d only consider whitelist if someone was giving me grief. Even then that would be after blacklisting an IP wasn’t solving my problem.
More effort than I would consider. I’d just allow all traffic incoming on that port. I’d only consider whitelist if someone was giving me grief. Even then that would be after blacklisting an IP wasn’t solving my problem.
I have a couple of services, including nginx (a website) that run though a Cloudflare Tunnel. No need to open up ports and certificates are automatically managed.
https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/
I also use ddclient to update my own personal domain with my internets dynamic IP (no need for a dynamic DNS provider). I have to do this as I host Jellyfin and Cloudflare don’t support streaming through their tunnels. So yes this is exposed to the internet. It does sit behind a caddy reverse proxy though.
I also run a wireguard VPN so that I can dial in when out the home. Im in Spain next week so can use that to get BBC iPlayer etc. The wireguard uses an address that is dynamically updated by ddclient (domain is hosted by Cloudflare)
Emails I don’t bother self hosting. I actually pay for simplelogin and send emails there via aliases. They then route to a single Proton email address.
Airport bars are crazy expensive too
Wonder if it’s a region thing. Not there for me either (UK).
Ha. That’s my bad. I didn’t even read the firewall rules listing 22/SSH. I agree on not opening 22 to the world. It just invites bots throwing passwords at it.
I just read Minecraft in the original post which from reading runs from 25565 which I wouldn’t worry about. If OP needs 22 for admission I’d either whitelist it or use a VPN/Tailscale.