[-] QF17@alien.top 1 points 1 year ago

I can expose things like HASS and my Unifi controller to the public internet, but stick it behind Cloudflare Access (and Office 365) for protection.

I can essentially unlock my door anywhere in the country, as O365 has conditional access setup to block international logins and I’ve got MFA set up on it.

My port forwarding is only enabled for Cloudflare IP’s, as is Nginx (for extra piece of mind) and I’ve got CF client certificates installed as well.

It mitigates the need for me to configure and use a VPN (although I’ve got one of those configured as well) - which I’ve noticed can be disabled on some networks (I always had trouble using VPN’s on T-Mobile in North America when I was there in 2018)

QF17

joined 1 year ago