Reverse Proxy

Shutting out the World

I’ve been running some of my services so that they are accessible from the outside world. Some of this has been for fun (like my calibre setup) and some because I want to keep control of my own data. I’ve self-hosted a quite a few services on my NUC now, including things like Plex and tinytinyrss. Many of them have been exposed to the internet as subdomain, so that I could use them both from within my own network and when I’m out and about.

Hardening the Reverse Proxy

I came across a blog post online about how to make an nginx-based reverse proxy more secure and I went about implementing it immediately. It took me all of 30 minutes to follow the steps and get an A grade from SSL Labs! It’s still going to take more to convince me that this will deter all but the most determined hackers, but it allows me to access my services when I’m not at home.

Outside Access

The NUC that I bought a while back has mainly just been used to run a Plex server. Lately I’ve been playing with setting different things up on my Raspberry Pis, including my own internal DNS. Then I was talking to a colleague of mine about my Munin setup and I really wanted to show him what I’m doing. So, perhaps a little radically, I devided to open up access to the outside world