Unrecognized IP addresses trying to access my HA instance made public through Cloudflare Tunnel

Hi everyone,

I’m pretty new to HA. Recently I decided to convert my rented apartment to semi-smart, so I installed HA OS in a VM on an old MacBook Air 2017. Currently, there is only one custom device for temperature, humidity, CO2, and PM1/2.5/10 working with ESPHome.

I found how to make it public with Cloudflare Tunnels so I can access it from outside, but now I’ve started seeing IP addresses trying to connect and eventually being banned, but…

My config:

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.0/24
  ip_ban_enabled: true
  login_attempts_threshold: 3

Yes, they are banned, but I’m not sure if this is even good. I bought a random domain for this purpose only and again it’s found. I will add 2FA for more security. But I don’t like this a lot: someone is trying to access my instance, and even though there is nothing they can control for now, from there they may be accessing my local network or something else.

So my question is: is there anything I can do to limit these access attempts? Also, as I’m thinking of adding more devices in the future, is there a way to secure myself for the future, like separating everything related to smart home into a separate VLAN (I don’t know how to do it, but I will learn :smiley: )?

I’m pretty new and open to recommendations.

Thanks in advance! :slight_smile:

1 Like
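
An added illustration, not part of the original posts and not Home Assistant's own code: a simplified model of what the `http:` settings quoted above ask for. The client address is read from `X-Forwarded-For` only when the connection comes from a trusted proxy, and failed logins are counted against that address. The function and class names and the sample addresses are assumptions made for the example.

```python
import ipaddress
from collections import Counter

# Values taken from the configuration quoted in the post above.
TRUSTED_PROXIES = [ipaddress.ip_network("172.30.33.0/24")]
LOGIN_ATTEMPTS_THRESHOLD = 3


def is_trusted(addr):
    """True if addr lies inside one of the trusted proxy networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in TRUSTED_PROXIES)


def client_ip(peer, x_forwarded_for=None):
    """Return the address that a failed login should be counted against."""
    # The header is believed only when the TCP peer is a trusted proxy;
    # anyone else could put arbitrary addresses in it.
    if not x_forwarded_for or not is_trusted(peer):
        return peer
    hops = [h.strip() for h in x_forwarded_for.split(",") if h.strip()]
    # Walk right to left: entries appended by trusted proxies are skipped,
    # the first untrusted entry is the client as seen by the proxy chain.
    for hop in reversed(hops):
        try:
            if not is_trusted(hop):
                return hop
        except ValueError:
            break  # malformed entry: stop trusting the header
    return peer


class BanList:
    """Counts failed logins per client address and bans at the threshold."""

    def __init__(self, threshold=LOGIN_ATTEMPTS_THRESHOLD):
        self.threshold = threshold
        self.failures = Counter()
        self.banned = set()

    def record_failure(self, peer, x_forwarded_for=None):
        ip = client_ip(peer, x_forwarded_for)
        if is_trusted(ip):
            return ip  # never ban the proxy itself: that locks everyone out
        self.failures[ip] += 1
        if self.failures[ip] >= self.threshold:
            self.banned.add(ip)
        return ip
```

If the tunnel's address were not listed as a trusted proxy, every failed login in this model would be attributed to the proxy's own address instead of the remote client.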

Nope. You cannot stop someone from trying to knock on your front door.

And in the modern Internet, bots are continually scanning IP space looking for vulnerable targets.

Basically, if you put a door there, someone’s gonna knock. Period. There’s simply nothing you personally can do about that. Your choice is to accept the risk and mitigate potential intrusion (like you’re doing with Cloudflare and secure, two-or-more-factor credentials).

There are plenty of generic security practices for HA, but to your direct question: no.