Ask HN: How to securely expose an internal webserver to the internet

Published: August 30, 2024

abstract-business-code-270348

I would like to expose a web server such as the nextcloud to the internet. I want an authentication layer in front of it, as in the Cloudflare Access with ACLs. It will be on a custom domain and end to end encrypted with TLs. I prefer that the proxy in front is managed and secured by a company, since I am not an expert in security.

* Cloudflare Access: This is great, but Cloudflare terminates the TLS which is not acceptable (otherwise I will run the application in the cloud)

* Ngrok: The free tier is limited (doesn’t support custom domains and is too limited in bandwidth), and the pricing of the paid tier doesn’t fit

* A reverse proxy on a VPS with something like Authentik or Teleport in front of it. This would work but I prefer that I don’t configure and maintain the Authentik.

I am looking for recommendations.

Comments URL: https://news.ycombinator.com/item?id=41398722

Points: 1

# Comments: 0

Related Articles