I am currently planning to set up port forwarding to expose my Home Assistant to the internet. I have a Duckdns domain and Let’s Encrypt all set-up, and I planned to forward port 443 on my router to Home Assistant on port 8123.
Going through the forums, I noticed many people are setting up caddy and nginx as a reverse proxy to expose their Home Assistant instances. Based on what I read, I am under the impression that reverse proxy adds more security, but I’m not understanding how that is and what the benefits are to the increased complexity.
Since the same web interface will be exposed to the internet at the end of the day, right? Won’t something like 2-factor authentication add more security?
Would appreciate it if anyone can point out what I am missing here.