u/Artistic_Dig_5622

After some recent security concerns, I've been looking at ways to harden the external access to my publicly available services like Home Assistant and Immich.

I've got mTLS client certificates working with Cloudflare now, as what I hope is a temporary measure, but I'm trying to do the same thing with Pangolin and can't find any documentation on this.

Is it possible to generate and upload client certificates to my mobile device that then I can use over the public internet? I don't want to have to use the Pangolin client on my phone, as I find it too restrictive.

Immich does at least support header authentication, but Home Assistant app doesn't.

Any ideas would be appreciated.

I was about to buy a new VPS but had a question about their Ubuntu version. It's listed as just 26.04 and not 26.04 LTS.

Kodee was talking crap so wanted to speak to a human.

I'm in a queue but have no confidence there is anyone behind it. It's been a long while....

I've got one VPS already and been happy with it.

Just a shame they don't invest in customer server. It wouldn't take a lot to improve this.

I made the mistake of looking at my logs and rather shocked at the number of denied requests coming in from all round the world.

most of my public resources are behind google oauth apart from home assistant where I use a shared link and token.

I thought I would be clever and also change the name of the resource to an 18 digital random combination.

however as soon I did this, guess, what, loads of new access requests are showing up from all round the world. any idea if this is pangolin healthcheck related?

any idea where these could be coming from and why? should I be worried or not?

I seem to get a lot of requests from webcrawlers looking for robots.txt too. How do they even know about my sites unless they are scraping data from my browser?

many thanks

https://preview.redd.it/u1grf6m1c41h1.png?width=2305&format=png&auto=webp&s=09a5db7b492b595d204f700b9d6efe7f5bb6a607