Hello guys, I’m have little to no experience when i have to deal with networking or cybersecurity.
I recently created a backend RESTful API on my Ubuntu VM on my personal desktop and dockerized the app, connecting it to a bridge network named ‘tunnel.’ I also have the Cloudflare Docker hosted in the same ‘tunnel’ network, which allows my local RESTful API Docker to be accessible via my domain and exposed to the internet.
Can anyone help me understand if this setup poses any security risks to my home network?
If so, what should I do to help reduce the risk? I have read that firewall helps, but does a restful api container developed with golang requires it?
Stick your services in a DMZ. It’s easy to setup with PFSense. Don’t allow traffic from your service to anywhere that it shouldn’t go. If your API contains any vulnerabilities, they could be abused to pivot into the internal network. Now, it’s not likely, but it’s certainly possible. Especially if those APIs are from someone open source project or something, if a vuln gets discovered it’s likely to be targeted en-mass.
Ahhh, got it. I think implementing DMZs and having additional hardware to run my services seems to be the safest option. But yea, thanks alot!