Protect your endpoints with Keycloak Security Proxy

Protect your endpoints with Keycloak Security Proxy

When we setup applications in our homelab, there are always some applications do not support authentication or authentication integration.

The solution I was using was Organizr. While it protects your endpoint, it is not the best solution. If you read the source code, it is just matching IP addresses which leads to a lot of problems. Also, it does not redirect you to login page or allow you to setup for remote authentication. It only has limited (admin and user) roles to control access and do not play well with other identity providers, like LDAP.

Continue reading “Protect your endpoints with Keycloak Security Proxy”

HTTPS with Let’s Encrypt and Cloudflare

HTTPS with Let's Encrypt and Cloudflare

Chrome and Firefox has planned to mark ALL the HTTP connection to be not secure. “How insecure it can be?” you may asked. Without HTTPS, HTTP is transferring the package in plain text, which is vulnerable to all kind of attack, especially Man-in-the-middle (MITM) attack. For example, free Wi-Fi providers can modify any HTTP pages and inject their advertisements. This can also happen when you send out data. The middle can steal and modify any data you send including user name and password.

This tutorial is going to teach you how to get HTTPS certificates from Let’s Encrypt using Certbot and Cloudflare.

Continue reading “HTTPS with Let’s Encrypt and Cloudflare”