Traefik deployed - apps still available unsecured | PlexGuide.com

Traefik deployed - apps still available unsecured

  • Stop using Chrome! Download the Brave Browser via >>> [Brave.com]
    It's a forked version of Chrome with native ad-blockers and Google's spyware stripped out! Download for Mac, Windows, Android, and Linux!
Welcome to the PlexGuide.com
Serving the Community since 2016!
Register Now

coolhaus

Citizen+
Original poster
Dec 27, 2018
18
2
I've set up a few dedicated servers before so my knowledge is reasonable but there is still lots to learn. Really impressed generally on how polished and easy to deploy PG is.I'm working my way through a complete install on a dedicated Hetzner server running Debian 9 and currently using PG v8.4.14

So far I have everything working well, the usual suite of apps deluge, sonarr, radarr etc. Through the firewall I am only exposing a deluge port and SSH. I've previously secured apps with their own login page but I have been wary of exposing these ports through the firewall (UFW), instead I've being using port forwarding over SSH to access the apps directly. No problems so far.

Fast forward to the present and I now want to get Traefik working, I have setup all the required DNS records through Cloudflare and followed the instructions carefully. I've selected to deploy Traefik with Portainer as my access point. This went without issue.

Now when I come to access the individual apps through sub domains this appears to work - at least I can get the login page and it is being secured through HTTPS.
Well what is the problem I hear you ask:

Individual apps are still available directly by entering the ip address and port! Seems to negate the whole point of the extra steps with Traefik. What am I missing?

Any help or pointers would be much appreciated.
 
Last edited:

nachobel

Experienced+
Staff
Donor
Feb 2, 2019
146
39
Can you close those ports down on your router? I guess it's a remote install...have you turned Port Guard on? (PG - 2 - 1)
 

coolhaus

Citizen+
Original poster
Dec 27, 2018
18
2
Nothing open apart from deluge + SSH. I haven't opted to deploy Port Guard thinking it unnecessary if Traefik is doing its thing. 'Unsecured' is perhaps a bit misleading apps are secured behind their own login page as per the advice. I wasn't comfortable with this on a remote server however so looking for a better solution.
 

Recommend NewsGroups

      Up To a 58% Discount!

Trending