Hey guys, I'm not sure if this is hijacking the thread or not. If so, please disregard and tell me to open my own thread!
I was also looking to add secure, remote access to my squeezebox server and am already running Traefik as a reverse proxy (w/ SSL configured). All my other services utilize app-specific security, so this would be my first time working w/ basic auth on my reverse proxy. Being that SSL is already enabled, would it be secure enough to use the proxy's (or LMS') basic auth here? This is primarily to enable an Alexa skill I was writing - I guess something similar to meep's hab-tunes (if that still is happening) or the MediaServer smart skill mentioned previously. I know the main concern w/ basic auth is the exposure of the headers in *almost* plaintext on every request. If the traffic is encrypted w/ SSL however, this is no longer a concern, and the only thing that really comes into play is potential brute-forcing attempts? I was looking to also implement fail2ban to handle blocking multiple failed attempts. Overall, do you guys think the setup described above provide enough security? ------------------------------------------------------------------------ BreakTheStatic's Profile: http://forums.slimdevices.com/member.php?userid=42048 View this thread: http://forums.slimdevices.com/showthread.php?t=111300 _______________________________________________ Squeezecenter mailing list [email protected] http://lists.slimdevices.com/mailman/listinfo/squeezecenter
