Gentle Reminder: Your hosted Foundry instances are open to the internet - anyone can find them so make sure they're adequately protected

• docker-swag

  296 2,569 9.1 Dockerfile

  Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.

  

A: "It depends" is the short answer, as it really depends on which reverse proxy you're using and how you've configured it. If you're ONLY using the reverse proxy to handle HTTPS, then there's not much difference, however the purpose of a reverse proxy is so much more and there's a lot of benefits to that. I use a reverse proxy called SWAG (which itself is just a preconfigured nginx server in a Docker image to make things easier) which can handle the auto-provisioning (And renewal) of SSL certificates so they're always valid and up to date. I can configure it to add additional security like 2FA, or block IP addresses and that kind of thing. That's partly what reverse proxies are for. Another benefit, albeit a sort-of side benefit is you can prevent your server appearing in IP/Port scanners (like Shodan.io) as a reverse proxy will only proxy to foundry via the correct url. In other words, if you have foundry serving up HTTPS on port 443, then hitting https:// will bring up foundry, however if you're using a reverse proxy then only hitting the correct domain address (like https://foundryvtt.yourdomain.com will bring up Foundry, hitting anything else like https:// will not bring it up - I wouldn't class it as necessary from a security perspective but it does help a bit. In short, I would say yes it is worth putting foundry behind a reverse proxy.

• Bitwarden

  1,058 14,442 9.8 C#

  The core infrastructure backend (API, database, Docker, etc). (by bitwarden)

  

100% agreed, password managers are where it's at. I can highly recommend Bitwarden.

• InfluxDB

  www.influxdata.com featured

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• foundry-docker-nginx-vouch

  1 8 0.0 Dockerfile

Lots of options out there; I particularly like the https://github.com/eltariel/foundry-docker-nginx-vouch method that uses discord login. Though I also understand that's not for everyone. I personally believe Foundry should implement hashed and salted passwords at all levels now. And then provide the option to use federated login services later.

• foundryvtt-docker

  61 528 9.1 Shell

  An easy-to-deploy Dockerized Foundry Virtual Tabletop server.

And see if you can get Foundry running on your machine via docker (something like this: https://github.com/felddy/foundryvtt-docker). There's a bit of a learning curve here, but once you're able to spin up a docker container on your machine, then the rest falls into place quite quickly.

Suggest a related project