even though my Vero with OSMC sits within my private address home LAN, I have exposed a few service onto the Internet via router NAT rules.
These are mostly HTTP based services such as rutorrent and tonight I realized I was foolish enough not protect the login not even with a userid/password to avoid the annoying need to login from within my home LAN.
So in this case I’ll need to understand at the very least how to secure the webserver when accessed from public IP addresses, right ?
Another idea I have is close all ports, install openvpn, route that only and then access services through this VPN.
What is your preferred way of keeping things reasonably sane without becoming too complex/crazy ?
And BTW is there some quick scanner I can use to do a pentest on my public IP address and some simple tool to scan the webserver log for malicious attempts ?
Thank you very much