• 0 Posts
  • 12 Comments
Joined 1 year ago
cake
Cake day: July 3rd, 2023

help-circle


  • Either you run the RP in the VPS and point to the ips on your server or you run it on the server and access it like you are accessing Jellyfin.

    Easiest option is a container with Nginx proxy manager (imo) with NPM you can get free let’s encrypt certs, but be aware, in case you want automated certificates, NPM will need to run on the machine pointed to by the DNS (in your case, your VPS I guess)



  • I dont know. 😆 im really just trying to get it in case -for example- of needing to advice someone in such a case :) my confusion probably comes from the fact that I have never host anything outside containers.

    I still see it a bit diferent. A well structured container structure with configs as files instead of bare commands, back up volumes would be the same effort… But who knows. Regarding the rest like proxies, well you do not really need one.

    Thanks taking the time to explain you point tho!





  • It is about the ability to trace back, not to be traced.

    Ws1------|----+++++++±–| Ws2------| | ----Client 1 Ws3------|. VPN |----Client 2 Ws4------| |----Client 3 … | | … Wsn------| |----Client m

    Since there are multimple outside conections (wb1…n), the traffic to the VPN clnent is encripted and each client can have multiople connections (thats why i used Client m and not Client n) you can not in a reliable fashion tell which connection will be sent to which client.

    Now your case:

    Ws1------|----+++++++±–| Ws2------| | ----Client 1 Ws3------|. VPS. | Ws4------| | … | | Wsn------| |

    You can in that case reliable say that all the traffic is being piped to Client 1, because ks the only client.

    From there a motivated party can trace back you traffic to you ISP, if you got a fixed IP you can be trace back to.

    If you are behind a CGNAT that party will need help from your ISP, to see where the fraffic went. Which tbf I neglected to mention before, but still changes the trust from you VPS to you ISP.

    To be REALLY fair this tho no wholly easy is also not incredibly hard given you have the right hardware in the right place, I just wanted to explain why mixing your traffic with others has an advantage over a single person VPN



  • I’d argue that deanonimation would be easier.

    In a VPN you have hundreds of clients and also hundreds of outbound connections, tho not impossible is way harder to find out which connection is being piped to which client. On you own hosted VPS, if you have a dedicated ip is easier, all the traffic will be redirected to only one address, then one of your client.

    Even with a vps with a shared ip the number of clients mantaning open connections is probably way lower on average.