When I see this sort of thing, and other people are trying to do it, a reverse proxy or vpn is always mentioned. Heres my question:
How Dangerous is it to just open the port for it on my router and access it like that?
Lets say i want to access jellyfin from Kodi on my xbox or something outside my network, the vpn solution wouldnt work for this i would think.
My issue with reverse proxies, and why im asking, is it seems less secure? I mean Im well aware that an IP is easy to get, i guess. But how likely is someone to look for something on my network specifically? With reverse proxies it seems like i would be broadcasting my server to the internet in a way its easier to happen across, than someone being interested in a random residential IP.
I run a minecraft server for friends on my main computer anyway, and i know tons of people do that, theoretically thats the same level of danger as opening my network for jellyfin specifically.
VPN isnt an option because of this xbox stuff i mentioned and people in my family who have 0 chance of understanding it regardless.
So what is the better option, going through this reverse proxy ( which im actually also unsure would work with kodi) or rawdog the server on my network. I guess leaving the server exposed? or every device even.
So the reason you’d want a reverse proxy is because it handles security and would do a much better job of it than an exposed jellyfin port.
Public FQDN -> your home IP -> your router allows 443/whatever to your reverse proxy -> it handles SSL and being hit by the internet (look into nginx security and even fail2ban) -> proxy serves up whatever insecure site/app you’d like.
Any suggestions on where to read more about properly securing my home network? Most of what I find Googling is just basics.
If you’re a beginner or just for most use cases, using cloudflare with proxied dns records along with Nginx Proxy Manager will provide a good amount of coverage for your homelab.