Other people, not your friends or family or neighbors, can be thieves or bots and they can get a lot of info from your data. So if only you want to see the data (or only your family, the people who actually live in the house), I would say make it so that only you can see it. A website means the whole world can see it. Why is that needed?To access the site remotely, I need to open a port to the outside world, which feels a bit scary. How can I do this safely?
I don’t mind if other people can see the data on the website, but I don’t want hackers to use that open port to enter my home network.
I know exactly which devices should be allowed to access the site (two Android phones and a laptop). Is it possible to use SSH keys or something similar so that only those devices can access the website/port?
If that’s not possible, what can I do to make the open port as safe as possible?
I will be using a Raspberry Pi 4.
So for just 3 devices, a VPN is the best option IMO. It needs an own key/ID and simple config per device but that is it. I use WireGuard for case like this, I just need 1 pseudo random (portnumber is own choice) UDP port open. In the past I had a dedicated extra RPI3B+ for VPN (OpenVPN and WireGaurd own kernel module initially) but now just integrated in my router which all runs on an Arm64 SBC (like RPI4).
I have had also NGINX reverse proxy with certbot HTTPS running, but you need port 80 open as well, that I don't like at all.
A reverse proxy in VPS as mentioned in other post can be done, but I just don't want a third party involved (besides my fiber ISP and mobile ISP). Also for 0tier, same story, it is a great gapfiller for standard VxLAN+encryption, but adds a 3rd party that takes even more control than a VPS. When I (or you) access their main website, it is an hilarious set of scrolling marketing slogans. 1 I found like from the mafia, but now does not show anymore, maybe because other computer or cookies or so. You need client SW, that won't run on tiny IoT devices like PicoW etc. Also LAN, down to OSI layer2 is not needed, only Layer3 or even higher for majority. Additional problem is that I can't find which law (country) is applicable, maybe I have not searched enough, but if not clear within 1 minute, It is already de-facto warning flag for me.
Statistics: Posted by redvli — Sat Nov 22, 2025 9:37 am