Guest asrequested Posted April 13, 2018 Posted April 13, 2018 Ok, so there's lots of discussion on reverse proxies etc. I've been using a VPN service to obfuscate my IP and activities. But I'm unhappy with it crushing my bandwidth. So here's what I'm interested in. I want to encrypt my internet activity and not affect my bandwidth. Also, not have to add keys to my remote devices. I have a remote user in another country, and I just don't want the hassle. What's the easiest way to achieve this? Cloudflare? I'm not really concerned with layers of security. I just want solid encryption with ease of use. I was going to start googling, tonight. But you guys are wizards at this stuff. And of course then I'll have to configure the server, too. But I'm pretty sure I can figure that out.
dcrdev 255 Posted April 13, 2018 Posted April 13, 2018 CloudFlare is probably the right option here - You only really have 2 options: 1) VPN (which you said you don't want) 2) Reverse proxy (like CloudFlare) CloudFlare is pretty easy to set up: 1) Point your domain to the CF nameservers 2) Configure an A record in CloudFlare pointing to your ip. One consideration though is that by using CF users IP's wont be logged at your end you'll just see requests coming in from CloudFlare. So you might want to consider a set up like Emby -> Reverse Proxy (Apache/nginx) -> CloudFlare , as CloudFlare has modules for both Apache and nginx to restore the origin ip address to your logs. Also depending on your needs you might not want to route traffic to your domain via CloudFlare internally, so you might consider setting up a local DNS server for your internal realm. Then depending on your needs you might want to consider configuring caching in CloudFlare - which makes things a lot snappier. I use Apache -> CloudFlare and have done for a couple of years, works great - pretty much set it up and forget about it.
pir8radio 1312 Posted April 13, 2018 Posted April 13, 2018 CloudFlare is probably the right option here - You only really have 2 options: 1) VPN (which you said you don't want) 2) Reverse proxy (like CloudFlare) CloudFlare is pretty easy to set up: 1) Point your domain to the CF nameservers 2) Configure an A record in CloudFlare pointing to your ip. One consideration though is that by using CF users IP's wont be logged at your end you'll just see requests coming in from CloudFlare. So you might want to consider a set up like Emby -> Reverse Proxy (Apache/nginx) -> CloudFlare , as CloudFlare has modules for both Apache and nginx to restore the origin ip address to your logs. Also depending on your needs you might not want to route traffic to your domain via CloudFlare internally, so you might consider setting up a local DNS server for your internal realm. Then depending on your needs you might want to consider configuring caching in CloudFlare - which makes things a lot snappier. I use Apache -> CloudFlare and have done for a couple of years, works great - pretty much set it up and forget about it. Yea what he said....
Guest asrequested Posted April 13, 2018 Posted April 13, 2018 So I'd have to already have a domain before using CF? I was wanting to avoid having to build a foundation. I'll be honest, I'm not patient, and this stuff, well....annoys me That's why I opted for a VPN service. One account, some basic config and done. I don't want to reverse proxy. I was going to do that a while back. I didn't make it past the first step before I got p****d off, lol. I'm going to give the VPN service a hard time, and see if they can take their head out of their butt. Then I'll go from there.
pir8radio 1312 Posted April 14, 2018 Posted April 14, 2018 (edited) So I'd have to already have a domain before using CF? I was wanting to avoid having to build a foundation. I'll be honest, I'm not patient, and this stuff, well....annoys me That's why I opted for a VPN service. One account, some basic config and done. I don't want to reverse proxy. I was going to do that a while back. I didn't make it past the first step before I got p****d off, lol. I'm going to give the VPN service a hard time, and see if they can take their head out of their butt. Then I'll go from there. Come onnnnnn.... You have a name right? You have a forum handle? We could use your Social security number, or your forum user ID to identify you, Names are cool and easier, give your poor internet connection a name and quit calling it by its IP.... Plus you have your emby friends to help you... Or do it for you with a bribe.... Edited April 14, 2018 by pir8radio
Guest asrequested Posted April 14, 2018 Posted April 14, 2018 Lol...part of the issue is that I don't want to subscribe to a bunch of services, and have to keep track of them.
Guest asrequested Posted April 14, 2018 Posted April 14, 2018 Turns out that Comcrap's modem was, well.....crap (failing). Got it switched out, and performance has improved. But eventually I think I'll cave in and set up a reverse proxy, thingy. Not for a minute, though.
Guest asrequested Posted April 15, 2018 Posted April 15, 2018 Ah hell with it! So what domain registrar do you guys recommend? Google? GoDaddy? I don't want to half ass this. I figure I'll get a 5 or 10 year. I don't want to have to fiddle with this. Having said that, I may just get the bug This site seems to like namecheap. https://makeawebsitehub.com/reviews/domain-registrars/ One of you will have to write a script, if I need one lol
pir8radio 1312 Posted April 15, 2018 Posted April 15, 2018 Ah hell with it! So what domain registrar do you guys recommend? Google? GoDaddy? I don't want to half ass this. I figure I'll get a 5 or 10 year. I don't want to have to fiddle with this. Having said that, I may just get the bug This site seems to like namecheap. https://makeawebsitehub.com/reviews/domain-registrars/ One of you will have to write a script, if I need one lol I use register.com, but that's because it was one of the few big registrars at the time I bought my domain name. I have not really looked at moving my name or any other registrars so others input might help you out... We can help with nginx if thats what you choose to use, I like this windows version, has some neat features built in.. http://nginx-win.ecsds.eu/ they bake in cool features that are not in the normal windows nginx versions, they keep up with updates, and its always ran stable for me.
wedgekc 12 Posted April 15, 2018 Posted April 15, 2018 If you want to setup cloudflare quick, easy and free take a look at https://blog.awelswynol.co.uk/2018/01/setting-up-cloudflare-with-emby I used this recently and everything has been running great since.
Guest asrequested Posted April 15, 2018 Posted April 15, 2018 (edited) lol....you guys are letting are me down, already. lmao. I don't have a domain, yet. So I was looking for recommendations. Once I get that done......ah crap......see...I'm done. lmao. Moderators, delete this thread Edited April 15, 2018 by Doofus
dcrdev 255 Posted April 16, 2018 Posted April 16, 2018 lol....you guys are letting are me down, already. lmao. I don't have a domain, yet. So I was looking for recommendations. Once I get that done......ah crap......see...I'm done. lmao. Moderators, delete this thread Registrar-wise it doesn't really matter - just go with one of the well known names like GoDaddy.
Swynol 375 Posted April 19, 2018 Posted April 19, 2018 i went with namecheap, it offers easy to use and free DNS service. its one of the cheapest ive found. I've used godaddy in the past with no issues. if its just emby you need to access then its a very easy and straight forward setup. registrar and cloudflare. no need to nginx or anything else. 2
Devdroid 23 Posted April 19, 2018 Posted April 19, 2018 (edited) i went with namecheap, it offers easy to use and free DNS service. its one of the cheapest ive found. I've used godaddy in the past with no issues. if its just emby you need to access then its a very easy and straight forward setup. registrar and cloudflare. no need to nginx or anything else. Same here. I also bought a SSL certificate valid for 2 years for about USD 14 from them. It's become so cheap that I don't bother with other solutions anymore. Edited April 19, 2018 by Devdroid
Swynol 375 Posted April 19, 2018 Posted April 19, 2018 Same here. I also bought a SSL certificate valid for 2 years for about USD 14 from them. It's become so cheap that I don't bother with other solutions anymore. i'm a cheap person (put politely) so didnt want to pay. lets encrypt gives me 90 days, which renews automatically. However with Cloudflare it gives you a 20 year cert for free. I'm currently using a mix of the 2 for different services.
Guest asrequested Posted April 19, 2018 Posted April 19, 2018 (edited) So what I want was to secure all of my internet traffic. I have a guest network and I want to make sure that's secure, too. I don't want complication, just domain, encryption and obfuscation. I liked the idea of cloudflare, as I can use it to cache the server. But I haven't looked into it, yet. Edited April 19, 2018 by Doofus
Guest asrequested Posted April 20, 2018 Posted April 20, 2018 I was looking at the options and pricing for having a domain. ssl cert and using cloudflare. The free versions don't give me what I want and the subscriptions are more than I want to pay. I've been re-configuring the VPN, and I've got the bandwidth to a respectable 170 Mb/s. So I'm going with my original plan of building a pfsense box and configuring the VPN, through that. I've complied the shopping list. This will also give me more front line security, which I want.
Swynol 375 Posted April 20, 2018 Posted April 20, 2018 (edited) what subscriptions were you looking at? only one i pay is around £5 a year for my domain name. everything else is free. I'm happy with where my security is, its alot more 'advanced' than most home users and probably alot of businesses. will the pfsense replace the unifi usg? or run both inline like i do with sophos UTM Edited April 20, 2018 by Swynol 1
dcrdev 255 Posted April 20, 2018 Posted April 20, 2018 I was looking at the options and pricing for having a domain. ssl cert and using cloudflare. The free versions don't give me what I want and the subscriptions are more than I want to pay. I've been re-configuring the VPN, and I've got the bandwidth to a respectable 170 Mb/s. So I'm going with my original plan of building a pfsense box and configuring the VPN, through that. I've complied the shopping list. This will also give me more front line security, which I want. You know CloudFlare offers a free ssl cert? I'd be interested to know what your requirements are... that would require you to need one of CloudFlare's paid subscriptions? The only limitation that I can imagine MIGHT impact someone with <50 users is the 100mb single POST request limit.
Guest asrequested Posted April 20, 2018 Posted April 20, 2018 what subscriptions were you looking at? only one i pay is around £5 a year for my domain name. everything else is free. I'm happy with where my security is, its alot more 'advanced' than most home users and probably alot of businesses. will the pfsense replace the unifi usg? or run both inline like i do with sophos UTM The cloudflare that looked like what I wanted was $20/month. It was the lowest paid service. I don't remember the details, right now. The pfsense will be in front of the USG. It'll have more power, so I can do more.
Guest asrequested Posted April 20, 2018 Posted April 20, 2018 You know CloudFlare offers a free ssl cert? I'd be interested to know what your requirements are... that would require you to need one of CloudFlare's paid subscriptions? The only limitation that I can imagine MIGHT impact someone with <50 users is the 100mb single POST request limit. I'll post the comparisons I was looking at, later. Maybe I misunderstood something.
pir8radio 1312 Posted April 20, 2018 Posted April 20, 2018 You know CloudFlare offers a free ssl cert? I'd be interested to know what your requirements are... that would require you to need one of CloudFlare's paid subscriptions? The only limitation that I can imagine MIGHT impact someone with <50 users is the 100mb single POST request limit. The cloudflare that looked like what I wanted was $20/month. It was the lowest paid service. I don't remember the details, right now. The pfsense will be in front of the USG. It'll have more power, so I can do more. Yea I'm with dcrdev, I have the free cloudflare, I have not found a need for any of the pay services... I mean some of the options would be nice, but i'm all about free... what options were you looking at?
Guest asrequested Posted April 20, 2018 Posted April 20, 2018 Ok, so that probably means I misread/misunderstood some of the options. I'll provide more detail, when I get a chance. One thing I'm wondering about, does cloudflare provide anonymity?
dcrdev 255 Posted April 20, 2018 Posted April 20, 2018 (edited) One thing I'm wondering about, does cloudflare provide anonymity? In what sense? CloudFlare obscures your servers origin IP address, if that's what you mean? They also don't keep logs - other than some arbitrary info about geolocation of requests. The domain element of the equation could leak your personal info - as you are required to use a valid address and phone number to register a .com and that information is publicly available via your registrars whois database. Most registrars offer a 'domain privacy' option though at a nominal charge - essentially what that does is gives you a shell address to register your domain with. Sorry if that's not clear - have a look at my whois records and perhaps it'll be clearer: https://who.is/whois/dcrdev.com . Edited April 20, 2018 by dcrdev
Guest asrequested Posted April 20, 2018 Posted April 20, 2018 I think that's one of the things I saw that requires me to pay. I was concerned that I have to register my personal info, which is then a matter of record. I don't want that. The VPN is completely anonymous, and is a large part of what I want.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now