Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Host a public service in a VM and isolate it

Featured Replies

Hello!

 

Lately, I've been thinking on moving some non-critical applications I host in a public cloud to my Unraid installation. However, I have some security concerns and I'm still not fully convinced. Any feedback will help a lot!

 

My idea is to host a Plausible Analytics application in Unraid and make it available to my websites. Instead of exposing any port on my router, I was planning to use Cloudflare Tunnels, which solves how to expose the service securely.

 

Now, I'm considering the worst scenario in which my application gets compromised and a potential attacker get full access to the VM. If this happens, my goal is to minimize the impact in my Unraid server and any device running on my network. Ideally, the VM only have access to Internet and it cannot connect to any device in my network, including the Unraid configuration site.

 

I have different options in mind like libvirt configurations and a firewall at host level (if the attacker fully compromise the application, I assume they can modify VM firewall rules). VLANs are also a solution, but my router doesn't support it and I cannot change. Even if I could change the router, the VM would still have access to the Unraid host.

 

Is there any possible solution to achieve the level of isolation I want?

 

Thanks!

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.