I’ve migrated from cloudflare pages to cloudflare tunnels as I wanted to do a little bit more.
I can’t segregate my network as my ISPs router is rather limited, which means no vLANs. Connecting another router would introduce a double nat as they don’t allow bridging. So I’m running my website basically “raw” in a hyperV virtual machine. the website is semi-static and made out of flatfiles, therefore it’s is quite impossible to login into it. as stated before i’m using cloudflare tunnels to expose a nginx server to the interner. what are the chances someone or something (bot) inflataring my network? 100% safety is not possible but how safe am i?
Run your hosting inside a docker container. If someone were to hack you they, in theory, would only have access to whatever is in that container and not your entire server. Someone with more expertise please feel free to correct me if I’m wrong. I am not an expert in this, just offering what I (think I) know.
Exactly. Even if they make it into your network (which would be somewhat unlikely already, since CF obfuscates your home IP), as long as you don’t run your docker containers in “privileged” mode (or give the containers RW access to important directories on your server), you’d be fine except for the most end-of-world scenarios.