Did you just add ‘blindly passing traffic’ to your statement? Did you read my comment about can help?
Move on, joker.
Did you just add ‘blindly passing traffic’ to your statement? Did you read my comment about can help?
Move on, joker.
The selfhosted guys are correct with that. Of course its not a magic pill, but it can help to minimize the attack surface immensely with little effort.
Edit: while open ports can easily be enumerated, a reverse proxy often requires knowledge of the right server name. In tls1.3 those are not transferred in clear. Depending on your thread scenario you might want to consider doh/dot etc.
Reverse proxies can require client certs, which lift the security benefit to something like a vpn. Even basic auth adds a high threshold to attackers and is simple even for random users to work with. All this is functionality many services don’t offer natively - as they assume a reverse proxy anyway I guess.
It was maybe 2003, and my Windows (XP I guess) was not working properly for like the third time this year, requiring a re-installation. I rad a home linux server (IP masquerading) at that time, and this has gotten me a student job administrating a web and a mail server, so I felt confident enough. This was when I first installed linux on my main machine. But I was dual boot or dual machine until end of 2025, when I finally got rid of my old gaming box and put CachyOS on my new rig.
Okay, a few years earlier a friend gifted me some slackware 1.0 CD, that partitioned my 800MB hdd into a 300 and a 800MB parition. The joy about the extra 300MB linux gifted me did not last too long when everything corrupted, and I went back to windows.
Using windows, which I have to do some times at work, feels so painful now.
Lol