this post was submitted on 01 Apr 2026
706 points (99.0% liked)

Selfhosted

60742 readers
160 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details. Tags [CBH] or [AIP] are required, see the links in Rule 8 for details.

  8. AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post, and find example disclosures here.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] radar@programming.dev 31 points 3 months ago (3 children)

Reverse proxy doesn't really get you much security. If there is an application level issue a reverse proxy will not help

[–] tiz@lemmy.ml 4 points 3 months ago

I see thanks. I’ll think about it more.

[–] whimsy@lemmy.zip 4 points 3 months ago (1 children)

Hmmm, I'm a bit rusty on this but can't one put an auth gate in front of the application, handled by the reverse proxy?

[–] radar@programming.dev 2 points 3 months ago (1 children)

You can, that would actually give you security. Not sure how many people do that. I assumed a straight reverse proxy without any auth

[–] PeriodicallyPedantic@lemmy.ca 2 points 3 months ago

I think that's one of the major reasons to use pangolin over something like nginx - built in auth and support for oidc.

Of course, the native jellyfin apps don't like the auth layer so idk if it helps if you're trying to install it on your dad's tv

[–] WhyJiffie@sh.itjust.works 1 points 3 months ago

well, at least you are not depending on the application to do TLS properly, and you may be able to set up some access restrictions that your clients may support