I already host multiple services via caddy as my reverse proxy. Jellyfin, I am worried about authentication. How do you secure it?

  • sludge@lemmy.mlEnglish
    3·
    2 days ago

    And since i don’t post my valid urls anywhere no web-scraper can find them

    You would ah… be surprised. My urls aren’t published anywhere and I currently have 4 active decisions and over 300 alerts from crowdsec.

    It’s true none of those threat actors know my valid subdomains, but that doesn’t mean they don’t know I’m there.

    • Gagootron@feddit.orgEnglish
      1·
      2 days ago

      Of course i get a bunch of scanners hitting ports 80 and 443. But if they don’t use the correct domain they all end up on an Nginx server hosting a static error page. Not much they can do there