paperless-ng on publicly accessible server
-
Hello,
I have a quick question for you guys:
Would you run paperless-ng, with your personal documents, on the public web?Thanks for your opinions
-
@feelniceinc are you uncomfortable with security provided by user login ?
-
@timconsidine No, the password must be secure, of course.
I think more in the sense of security vulnerabilities -
@FeelNiceInc do you mean allowing public access for your server at home or hosting a VM in cloud whereever and putting your docs there?
-
@FeelNiceInc in terms of security vulnerability of the system, I trust in the open source community review and collaborative effort. Of course, there is always a risk. But I tend to trust open source solution more than a proprietary one.
You could set up a small Cloudron box or docker box at home if this is a concern for you, and if you're remote from it, use VPN and IP black-list / white-list.I use Bitarden (vaultwarden) and trust that. OK, data is encrypted there. I haven't checked about Paperless and encryption. Must go and do that out of interest.
EDIT : there used to be support for encryption https://paperless-ng.readthedocs.io/en/latest/administration.html#enabling-encryption. But it is deprecated and not advised for reasons explained.
