I’m reading some Cloudflared tunnel guides and I’m seeing no mention of limiting admin to local LAN and notifications??
-
Admin Local LAN only; I have not gone through the Argon2id PHC hash process. Once I do is it considered no longer necessary to limit admin page to local LAN? Or are these guides not doing best practice, or relying on fail2ban?
-
Notifications; Edit; I’ve read the updated pages and fixed my config, proxy redirect 3012 no longer needed now.
I have not been paying attention to this project much, but I have a older setup that has been rock solid, admin panel is limited to local LAN subnet. My config files currently include things like this below. I have some domain name changes coming up and we are moving things to cloudflared to get rid of site IP and local firewall rules.
Limiting access to VW to local LAN only Caddyfile
@insecureadmin {
not remote_ip 192.168.10.0/24
path /admin*
}
redir @insecureadmin /