-
docker-swag
Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
A: "It depends" is the short answer, as it really depends on which reverse proxy you're using and how you've configured it. If you're ONLY using the reverse proxy to handle HTTPS, then there's not much difference, however the purpose of a reverse proxy is so much more and there's a lot of benefits to that. I use a reverse proxy called SWAG (which itself is just a preconfigured nginx server in a Docker image to make things easier) which can handle the auto-provisioning (And renewal) of SSL certificates so they're always valid and up to date. I can configure it to add additional security like 2FA, or block IP addresses and that kind of thing. That's partly what reverse proxies are for. Another benefit, albeit a sort-of side benefit is you can prevent your server appearing in IP/Port scanners (like Shodan.io) as a reverse proxy will only proxy to foundry via the correct url. In other words, if you have foundry serving up HTTPS on port 443, then hitting https:// will bring up foundry, however if you're using a reverse proxy then only hitting the correct domain address (like https://foundryvtt.yourdomain.com will bring up Foundry, hitting anything else like https:// will not bring it up - I wouldn't class it as necessary from a security perspective but it does help a bit. In short, I would say yes it is worth putting foundry behind a reverse proxy.
100% agreed, password managers are where it's at. I can highly recommend Bitwarden.
Lots of options out there; I particularly like the https://github.com/eltariel/foundry-docker-nginx-vouch method that uses discord login. Though I also understand that's not for everyone. I personally believe Foundry should implement hashed and salted passwords at all levels now. And then provide the option to use federated login services later.
And see if you can get Foundry running on your machine via docker (something like this: https://github.com/felddy/foundryvtt-docker). There's a bit of a learning curve here, but once you're able to spin up a docker container on your machine, then the rest falls into place quite quickly.
Related posts
-
Bitwarden
-
Saving a password on phone?
-
How do I setup up FoundryVTT on a dedicated server with custom subdomain via an apache2 virtual host, and LetsEncrypt SSL? The official guide is not helpful at all.
-
Might be a dumb question, but does foundry vtt self (or cloud) hosted have a fully functional web front end?
-
Foundry hosted on Azure keeps shutting down