proxmox behind firewall or not

[Blisk]

Don't know if this is a regular practice to use proxmox on external IP or it is safer to use it behind firewall??
If I install it on computer now and change nothing and leave it on external IP is that safe or not?
I am planing to setup all later.

 

[oguz]

hi,

if this is a regular practice to use proxmox on external IP or it is safer to use it behind firewall??

that depends on what you want to do.

If I install it on computer now and change nothing and leave it on external IP is that safe or not?

it is as safe as your root user's password.

there are no known vulnerabilities, but it is always better to hide the login page behind a firewall, possibly with a IP whitelist setting to limit access.

some recommendations:
* set up 2FA [0]
* pick a strong password for the root user
* enable firewall and add your IP address to the management ipset (whitelisting) [1]
* the documentation for the PVE firewall is recommended for reading as well
* update packages regularly

hopefully this makes some things clearer for you


[0]: https://pve.proxmox.com/pve-docs/pve-admin-guide.html#pveum_tfa_auth
[1]: https://pve.proxmox.com/pve-docs/pve-admin-guide.html#pve_firewall_ip_sets

 

[Blisk]

Thank you
Yes you did.
I usually setup root access on my IP. I see proxmox have firewall so I can setup root access to my IP (whitelisting) and will be safe.