Hey is there any alternatives to CloudFlare reverse proxies? I want to hide my server IP but not share everything with CF…

  • @[email protected]
    link
    fedilink
    English
    65 months ago

    Set up a VPS. Create a VPN tunnel from you local network to the VPS. Use the VPS as the edge router by opening ports on the VPS firewall and routing incoming traffic on those ports through the VPN tunnel to servers on your local network.

    I used to do this to get around CGNAT. I ran RouterOS in a Digital Ocean droplet and setting up a wire guard tunnel between it and my local Mikrotik router.

    It will obscure your local WAN IP and give you a static IP but that’s about the only benefit. And you have to be pretty network savvy to configure it correctly.

    It does not make you immune to DDoS attacks and is honestly more headache to maintain (albeit just a small headache).

    • SayCyberOnceMore
      link
      fedilink
      English
      15 months ago

      Not heard of RouterOS before … <quick search> I didn’t realise jad released firmware that would run in a normal VM… don’t suppose you have anything to compare it to pfSense?

      • @[email protected]
        link
        fedilink
        English
        3
        edit-2
        5 months ago

        They do maintain an x86 build. I haven’t used pfSense but I have used OpnSense so that’s that closest thing I have to compare it to. I think the upside and downside to RouterOS/Mikrotik is the same thing: it allows very granular control over almost everything. Maybe to a fault. It’s probably overkill for most home networks.

    • 𝓢𝓮𝓮𝓙𝓪𝔂𝓔𝓶𝓶
      link
      fedilink
      English
      15 months ago

      DDOS protection is going to depend on the VPS. But for most services you could spin up a pretty lean Debian vm running a proxy like nginx proxy manager and run that over the tunnel. Something like opnsense seems like overkill.