DON'T Expose Internal Applications To The Internet! Restrict Access NOW!

The majority of Traefik tutorials all have the same problem, they expose all services routed through Traefik to the Internet. This is bad from a security perspective and increases the attack surface for your homelab. It's not a good idea to externalise Portainer, PiHole, Vaultwarden etc... In this video I provide 3 options to restrict access to applications so you can specify exactly which services you want to expose and to which clients. Let's secure Traefik now! Traefik Docker Files: https://github.com/JamesTurland/JimsGarage/tree/main/Traefik-Secure Recommended Hardware: https://github.com/JamesTurland/JimsGarage/blob/main/Homelab-Buyer's-Guide/Q3-2023.md Discord: https://discord.gg/qW5vEBekz5 Twitter: https://twitter.com/jimsgarage_ Reddit: https://www.reddit.com/user/Jims-Garage GitHub: https://github.com/JamesTurland/JimsGarage 00:00 - Introduction to the Traefik 'Security Problem' 01:29 - Demonstrating the 'Problem' 03:23 - Option 1: Cloudflare Proxy 05:00 - Option 2: Multiple Traefik Entrypoints 14:44 - Option 3: Traefik WhiteList 19:20 - Bonus Option: Deploy Two Traefik Instances 20:30 - Outro