June 8, 2024

Hello! Lately, I've been thinking about moving some non-critical applications I host in a public cloud to my Unraid installation. However, I have some security concerns and I'm still not fully convinced. Any feedback will help a lot!

My idea is to host a Plausible Analytics application in Unraid and make it available to my websites. Instead of exposing any port on my router, I was planning to use Cloudflare Tunnels, which solves how to expose the service securely.

Now, I'm considering the worst scenario, in which my application gets compromised and a potential attacker gets full access to the VM. If this happens, my goal is to minimize the impact on my Unraid server and any device running on my network. Ideally, the VM only has access to the Internet and it cannot connect to any device in my network, including the Unraid configuration site.

I have different options in mind, like libvirt configurations and a firewall at host level (if the attacker fully compromises the application, I assume they can modify VM firewall rules). VLANs are also a solution, but my router doesn't support them and I cannot change it. Even if I could change the router, the VM would still have access to the Unraid host.

Is there any possible solution to achieve the level of isolation I want? Thanks!