Securing SWAG
https://www.linuxserver.io/blog/securing-swag
Category: Linux
SWAG is a reverse proxy that allows you to expose your self-hosted apps to the world, but that comes with risks.
We can mitigate some risks by fine-tuning SWAG and how we access it: Only expose apps you want to share with others and must expose, keep the rest internal and use
WireGuard to access them. Create a file called
nginx/internal.conf
with the following configuration: Utilize the LAN filter in your configuration by adding the following line inside the server block for every application you want to protect.