I have a question:
I installed DietPi-Dashboard on my system and want access to it also from remote over my personal domain i bought.
Are there any security related questions about that?
Is it generally advisable making that public available?
reverse proxy with authelia?
cloudflare zero trust reverse proxy?
never put a webpage w/o a login open directly to the internet
Yes, i know that i never put a website without a login to the internet.
DietPi-Dashboard has a password feature, so is that enough?
nope, you should enable SSL as well within /opt/dietpi-dashboard/config.toml
Bit this would require SSL certificates to be generated first
# TLS for HTTPS
# - Default: false
#tls = false
#cert = "/path/to/cert"
#key = "/path/to/key"
Thanks for the replies.
I anyway decided to use webmin for remote server maintenance. This is also working very well.
The service is now available via a subdomain of my personal domain and i also got a let’s encrypt certificate as for the other services (Nextcloud, …) i host on my own.
Also activated 2FA on webmin.
So i assume that is also as secure as the Dietpi-Dashboard.
Another question:
I have hosted all my services on different subdomains. But i do not host anything on my base domain und when i open my base domain (without any subdomain) in a browser, the nginx welcome page is displayed.
Is that good practice?
I mean, nobody but just me and my family is using my services and i don’t need a “homepage” for myself.
How can i automatically reroute from my base domain to a subdomain?
Maybe this could give a hint url rewriting - nginx rewrite rules from main domain to subdomain - Stack Overflow
Done.
Thank you for yout help!
1 Like
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.