I’m currently using NPM and upgrading to a new VPS for my business. I have a public website and am going to host a few more for friends, plus a few other services. Everything is on docker for ease. I use Cloudflare for DNS so would prefer using a DNS challenge. I will change this at some point but not yet ready to!
Should I:
- stick with Nginx Proxy Manager which I know well (is it really that insecure or outdated?)
- switch to NPM Plus (assuming this is the easiest)
- switch to Caddy (seems to be there most recommended but will be a learning curve for me)
- Try out Nginx (seems like a massive learning curve so I’m very reluctant)
Please don’t confuse the nginx proxy manager (npm) with the node.js packet manager (npm). The latter is frequently in the news regarding security vulnerabilities.
For a moment I was really confuser as to how Caddy could replace nodejs’s package manager
I might have done exactly this, thanks for pointing it out. Is Nginx proxy manager considered secure enough to use on extremal sites?
Nginx is considered battle tested.
Very few products have this level of puic scrutiny and and a good record of being safe.
Once this is said, the majority of problems come from misconfigurations, so triple check the things
Personally, I would try to avoid publishing nginx proxy manager’s management web ui to the general public.
That is not published externally - I only forward ports 80 and 443, and only access the admin interface locally or through a vpn to my router. Would this be ok? Thanks for your input
Yes, that is exactly what I meant.