-
Hello Everyone,
I recently installed Cloudron on a Google Cloud free tier instance. I allowed the following TCP ports: 80, 443, 110, 143, 2083, 25, 465, 587, 993, 995, 4190, 3389, and 22 on public access (0.0.0.0/0). Everything is working fine, but I have a security concern.
I want to restrict access to the Cloudron dashboard (my.domain.com) and any apps I create with specific subdomains (e.g., cloud.domain.com for the Nextcloud app, mail.domain.com for the mail app) to only be accessible from my home IP address. However, I want the main website (domain.com) to remain publicly accessible. Additionally, if I create a WordPress website, I do not want the (wp-admin) to be accessible publicly, just the main domain.
I would greatly appreciate any help or guidance on how to achieve this for security reasons.
Note: For email, I use an external SMTP relay through Brevo (formerly Sendinblue). Therefore, I need a solution for restricting access to subdomain apps without disrupting email functionality or causing server issues.
-
Very Important Note: I have a dynamic home IP that changes frequently, and I cannot access router configurations. As this is a school project, I prefer free solutions. Thank you!
-
Currently the only option is to use blocklists to block access to your server based on IP (range): https://docs.cloudron.io/networking/#firewall
Especially with changing IPs on your side, this is likely not easily done, and you may have to use non-Cloudron systems to place the server in some private network with a gateway for public incoming requests. I don't know what Google Cloud offers there, but those specific use cases are a bit out of scope for Cloudron.