I have FQDN.

# 1

I did configure unbound on opnsense router to override all hosts of mydomain.com to local IP of my server.

Local server is ruuning SWAG who creates ssl with lets encrypt using dns validation. I did not forward / open any ports on router so those services are NOT accessible from internet.

I can access all my services localy over some_subdomain.mydomain.com

# 2

I did configure DNS records at my registrant to point to my webhosting (normal external company) and create simple html page. So when I am browsing mydomain.com and I am not at home I get that simple page.

question:

I leave home so I am not at home network and not using VPN then my laptop or phone are trying to resolve mydomain.com because some application wants to connect to service. They get IP of webhosting and trying to communicate with it.

Should I be worried about sensitive data being leaked? At least, webhosing can log requestes where it can see my subdomains and url path …

​

what is your setup? what is your opinion? is there any better solution beside VPN { I dont want to open VPN always when leaving home }

thanks