Another thank you! Sumire is exactly what I have been looking for

Do not

Is this about the straight werewolves author?

Eternity is a loooooong time

TBH, it sounds like you have nothing to worry about then! Open ports aren’t really an issue in-and-on itself, they are problematic because the software listening on them might be vulnerable, and the (standard-) ports can provide knowledge about the nature pf the application, making it easier to target specific software with an exploit.

Since a bot has no way of finding out what services you are running, they could only attack caddy - which I’d put down as a negligible danger.

My ISP blocks incoming data to common ports unless you get a business account.

Oof, sorry, that sucks. I think you could still go the route I described though: For your domain example.com and example service myservice, listen on port :12345 and drop everything that isn’t requesting myservice.example.com:12345. Then forward the matching requests to your service’s actual port, e.g. 23456, which is closed to the internet.

Edit: and just to clarify, for service otherservice, you do not need to open a second port; stick with the one, but in addition to myservice.example.com:12345, also accept requests for otherservice.example.com:12345, but proxy that to the (again, closed-to-the-internet) port :34567.

The advantage here is that bots cannot guess from your ports what software you are running, and since caddy (or any of the mature reverse proxies) can be expected to be reasonably secure, I would not worry about bots being able to exploit the reverse proxy’s port. Bots also no longer have a direct line of communication to your services. In short, the routine of “let’s scan ports; ah, port x is open indicating use of service y; try automated exploit z” gets prevented.

I am scratching my head here: why open up ports at all? It it just to avoid having to pay for a domain? The usual way to go about this is to only proxy 443 traffic to the intended host/vm/port based on the (sub) domain, and just drop everything else, including requests on 443 that do not match your subdomains.

Granted, there are some services actually requiring open ports, but the majority don’t (and you mention a webserver, where we’re definitely back to: why open anything beyond 443?).

Client side, under advanced:

That’s a setting

ALright, thanks for the recommendation :) And yeah, “weird” and “metal” are good descriptions. Additionally, the backstory we got in S1 was definitely “fire”.

I liked the first 80% of the first season, and stopped watching halfway into S02E01. Is it worth continuing? Do we get any answers? Are they satisfying?

Ja ich weiß wo ich im Leben nicht mehr hinreise

Leider findest du auch bei uns genug, die Weidel & Co alles abkaufen.

+1 for Kagi though. Kagi is awesome.

See kids? This is why you never poke the pencil all the way up your nose.

Ja, worauf ich raus will: bei mir ist das Glas gleichbedeutend mit "lokaler Kleinimker’

Kann ja sein

Ist aber nicht der einzige lokale Imker, bei dem mit dieses Label untergekommen ist.

The fuck? Das ist das Glas, was ich bei unserem 86 Jahre alten Imker alle paar Wochen hole. Die Bienen sind seit 3 Generationen in der Familie.

Weird way to say

What does this have to do with Privacy?