Replies: 2 comments 1 reply
-
I've been keeping this issue requesting the same open for a while: #1827 How I envision it working:
Meanwhile @tezgno I can recommend you to either use some authentication solutions such as Authelia or even a simple Nginx config that provides pre-authentication and 2FA. To be fair you should always run FileBrowser behind a Nginx reverse proxy as it will reduce the attack surface. Speaking about recommendations I would suggest you to run FileBrowser and make it only accessible through a Wireguard VPN for increased security. Setup Wireguard VPN on the server. There's also this nice UI that can be used to do most of the setup and create client config files. For the VPN port use custom 5 digit number - something like 23901 (up to 65535) to make your service harder to find. But... as I understand you may want to access FileBrowser from machine where you can't install a VPN client you may want to:
If you don't want to setup a firewall you can alternatively configure your nginx to geo-block requests. |
Beta Was this translation helpful? Give feedback.
-
With the rise of spray attacks and threat actors, would it be possible to enable options for 2FA/MFA (such as Google Authenticator TOTP) and Re/HCaptcha? This would allow for me to use File Browser and leave it online as opposed to launching it adhoc as necessary. Overall, this is a great tool, but strengthening the security of the tool would be awesome.
Beta Was this translation helpful? Give feedback.
All reactions