• atzanteol@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    15
    ·
    edit-2
    1 day ago

    See what I mean?

    As if a proxy blindly passing traffic directly to a backend server “reduces attack surface” in any meaningful way. 🙄

    Edit: Guy edits his post with a bunch of stuff and assumes I’ve read it later. I can’t eyeroll enough…

    1. You’ve increased your “attack surface” by adding a second application to the stack. Proxies aren’t magic, they are also targets.
    2. Sure - you can do those things on a proxy. How many people here are? And why are those things never suggested when people here say “use a reverse proxy”? Because they think the proxy is the security.
    • nibbler@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      2
      ·
      1 day ago

      Did you just add ‘blindly passing traffic’ to your statement? Did you read my comment about can help?

      Move on, joker.

      • atzanteol@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        11
        ·
        1 day ago

        Sorry - which part of your comment added anything of value? “can help to minimize the attack surface”? 99% of the time a proxy just passes traffic through. Unless you’re talking about a WAF which is a) a different thing and b) NOT what any home gamers are talking about when they recommend nginx, traefik, etc. to newbs.