this post was submitted on 19 Jan 2024
12 points (87.5% liked)

Selfhosted

40113 readers
1058 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

ive anabled a port forward on port 80 (TCP/UDP) to my server, but i still cant acess it. i know its unsafe to just open a port like that, this is temporary, just wanna see if it works. ill put a reverse proxt and https on it later

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 0 points 9 months ago (1 children)

Please set up Tailscale or a Wireguard VPN before you start forwarding ports on your router.

Your configuration as you have described it so far is setting yourself up for a world of hurt, in that you are going to be a target for hackers from literally the entire world.

[–] [email protected] 1 points 9 months ago* (last edited 9 months ago) (1 children)

before you start forwarding ports on your router

Don't you mean instead of? If all the OP wants to do is access next cloud, they can do it over the VPN without forwarding ports. What you're suggesting doesn't solve the problem of port 80 being an attack vector, and adds yet another attack vector (the VPN itself)

[–] [email protected] 1 points 9 months ago (1 children)

Realistically, yes. But it’s a phrase and it’s important that they start doing that first. Maybe it’s their intention to do it publicly.

Also, sure, but a Wireguard installation is going to be much more secure than a Nextcloud that you aren’t sure if it’s configured correctly. And Tailscale doubly so.

[–] [email protected] 2 points 9 months ago

Wireguard installation is going to be much more secure than a Nextcloud

I understand that, and it's a good suggestion and a better solution if it fits the OPs use case. I don't understand suggesting they do both. Either VPN or port forwarding solve the problem, doing both seems unnecessary.