this post was submitted on 23 Nov 2023
6 points (100.0% liked)
Homelab
371 readers
3 users here now
Rules
- Be Civil.
- Post about your homelab, discussion of your homelab, questions you may have, or general discussion about transition your skill from the homelab to the workplace.
- No memes or potato images.
- We love detailed homelab builds, especially network diagrams!
- Report any posts that you feel should be brought to our attention.
- Please no shitposting or blogspam.
- No Referral Linking.
- Keep piracy discussion off of this community
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Cyber Security seems to bring out weird bravado where people pretend like they know more than they do. This thread is literally dozens and dozens of people spouting nonsense.
The bottom line is if you're running a cloudflare tunnel with authentication on the tunnel itself to a trusted auth provider and then enable 2FA on that auth provider, you have a zero trust model that is about as secure as most modern companies. All of the people saying BUT WHAT ABOUT ZERO DAY are beyond dumb. Enable auto-updates on everything you can, script the rest. The chances of there being a zero day vulnerability to cloudflare and then a bot is able to hit your synology page which then has its own security they need to get past, it's not likely at all. Monitor your Synology login attempts just in case it's all built in.
I know, right? I'm not going to lie, it's very amusing reading some of these replies...
I was literally just posting this in hopes of learning a thing or two, as I've always loved tech and this is a hobby that has given me great joy over the last couple of years.