As my home network grows, I’ve been trying to tighten down the security and separate devices/VMs/containers into vlans and hide them behind reverse proxies and security gateways.
That being said, I would love to hear what approaches folks use to pen test their self hosted environments to find any holes/leaks.
You could also look at not making anything available publicly and using something like tailscale to get access to your services.
Considering a lot of the things I host are for web use, I don’t think that would be an option ;)
But yeah, services that are not meant for web use are blocked from the net