
I'm running some services inside Docker and have been having some issues with it: I have a NodeJS app (TLS stream communication) running on a custom port (let's say 2321). I exposed the port from my container and opened it on the firewall. On Cloudflare, I set up a DNS-only (non-proxied) A record for a subdomain (server.example.com), and it works on http://server.example.com:2321/

Is this approach safe to use, or am I missing something crucial?

I'd also like to set up Owncast, to cast RTMP streams to the server. I was thinking of doing the same thing as above. Again, is this safe?

Otherwise the VPS is secure: fail2ban set up, public-key auth only, only 80/443 and 2321 opened in the firewall (will need 1935 for RTMP) + custom port for SSH.

HBruijn
Matic
  • If your service needs to be publicly accessible, that is the typical way to do it. – HBruijn Aug 11 '23 at 13:18
  • Security depends on the service. It's a process, not a state, so if the service is not well configured or fundamentally insecure, then it will remain insecure. – vidarlo Aug 11 '23 at 13:33

0 Answers