I want to start with self hosting something available from internet. Currently I have jellyfin, nas etc but everything is available in local network.
My biggest concern is securing local network. I thought i will run application on separate server, I will use small vps as proxy, but Im not sure if it will be enough
I was pondering the same for last couple of days and had some thoughts on how to make it feasible. My research led me so far to 2 prerequisites:
- must have Anubis in front
- must have a WAF solution in place that covers at least OWASP Top 10
I found pretty good Caddy documentation that covers both, so I think I’ll deploy a secondary Caddy reverse proxy that’ll perform such ops for public facing services.
Of course, I currently have only 1 Caddy instance reverse proxy ing my internal services, haven’t reached the part on traffic handling when my devices are connected to the “safe network” (aka my home LAN)
I run my server on the internet, and my security is crowdsec + geo ip block (well, white-list my country’s ip but same idea) and authelia.
Using this setup, I barely ever have even bots randomly pingig me, let alone anyone trying to access my NAS.


