Is this a good setup security wise? I have a password for my emby admin login, will update it to make it stronger as well.
Using Cloudflare is a great idea since they offer restriction rules such as GeoIP filtering and some exploit protection.
It's still not a good idea to expose services directly to the Internet, pointing your port forwards at a reverse proxy container like traefik will also require attackers to know the DNS before they can do anything and effectively hides services from appearing in port scan directories (someone searching specifically for emby servers to exploit will have a harder time finding it) .
For anything not web-based VPN with private key authentication is the only solution.
Warning: Unraid Servers exposed to the Internet are being hacked
in Announcements
Posted
Using Cloudflare is a great idea since they offer restriction rules such as GeoIP filtering and some exploit protection.
It's still not a good idea to expose services directly to the Internet, pointing your port forwards at a reverse proxy container like traefik will also require attackers to know the DNS before they can do anything and effectively hides services from appearing in port scan directories (someone searching specifically for emby servers to exploit will have a harder time finding it) .
For anything not web-based VPN with private key authentication is the only solution.