Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I do it the good old fashioned way, with a reverse ssh tunnel from VPS to home. An added benefit is that SSL is terminated only at the very end, so the VPS provider is just a dumb pipe.


The problem is, since the reverse proxy and authentication system face the internet, you are responsible for maintaining its security.

Software has vulnerabilities. Like nginx proxy manager had vulnerabilities and the developer didn’t patch some.

With a cloud based proxy, a third party handles authentication. But then, they shouldn’t access data.


For purely personal stuff which I only access from my devices, I use SSL client certificates in front of normal auth. The rest of services are mostly public anyway.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: