I might be worrying for no reason, just thought I’d see what people more knowledgeable than me thought. My Setup:
Home assistant running on Raspberry Pi 4
DuckDNS.org with LetsEncrypt SSL
NGINX Home Assistant SSL proxy
I followed the setup as detailed including router port forwarding, but was still having issues. Finally narrowed down to the Firewalla blocking all internet traffic rule. I tried adding a rule to allow port 443 on the Raspberry Pi but no luck. Next added a rule for just my Raspberry Pi to allow all internet traffic to/from the device. This allowed external access, port 443 is shown as open.
I’ve since gotten many alerts (30 in the last two days) about malicious IPs trying to access my Raspberry Pi. Should I worry about this, or should the combination of DuckDNS, LetsEncrypt and Firewalla provide sufficient enough security as could be hoped for while still allowing external access?