I have a VPS that I secure as much as possible since the IP is public, but does a wireguard-access-only homelab warrant the same efforts? Those with homelabs like this, what do you do?
I have a VPS that I secure as much as possible since the IP is public, but does a wireguard-access-only homelab warrant the same efforts? Those with homelabs like this, what do you do?
I use pangolin and traefik together and expose a few of my services that way. But not everything.
I slot services into categories based on:
Then the service is either not externally open at all, secured behind pangolin SSO, or secured behind pangolin SSO AND that service’s native auth. Which is an annoying double auth, but I feel like it’s another layer of protection in case one of them gets a 0-day exploit.