![]() The web trackers found on LastPass' website previously raised a privacy concern worth noting and pushed me past the tipping point toward Bitwarden. That means if the public-facing Bitwarden service ever gets breached, your own vault should theoretically be secure. Its security is just as strong as LastPass', with both offering two-factor authentication, zero-knowledge password encryption (neither company can see your vault entries) and customizable password complexity rules. In fact, it offers a convenient, ongoing list of all of its security certifications and audits. Its open-source roots are one of Bitwarden's most appealing features, allowing the web at large to inspect its code for flaws and suss out hidden security threats that aren't as easily identified in proprietary, closed-source software.īitwarden's efforts at transparency extend to its public collection of readily accessible audits, certifications and codebase - including its independent audit by Cure53. Online services cost money to develop and maintain, and companies often pay for free services by sharing your data with third-party advertisers, putting your privacy at cross purposes with a corporation's revenue stream.īut Bitwarden's free service has me at ease. I'll wager that the Android app stops working.When it comes to privacy management services, I'm slow to recommend free services. To test it out, for this or any other application that has an Android app client to an internally hosted service, just set your Nginx Proxy Manager to only allow internal IP addresses to get forwarded (thus blocking any traffic going out to public IP and back in via NPM). I would LOVE to be corrected on that statement as long as it comes with a HOW-TO. It appears that Android just cannot/will not resolve it's DNS internally. It isn't a Vaultwarden, Bitwarden, NPM or firewall issue, it is an Android DNS resolution issue. I have not figured out any way to make it work without doing that. You answered my question in your response and hopefully, in my reply here I have expalined it to anyone that comes along in the future you (and I) make it work by going out to public IP and then routing back in via reverse proxy. To me, it appears to head right off an internal network and hit Googles IPv6 DNS at 8.8.8.8 which presents a problem when trying to resolve internal domain names - and here is the part that *is* the problem - WITHOUT going out to the internet for DNS resolution and then coming back in via public IP. What I was looking to achieve - and the problem I believe that the OP faces - is that Android completely ignores IPv4 DNS and for that matter, it largely ignores IPv6 local-loopback addresses too. I'm running a FreeBSD ZFS with jails internally for websites, Nginx Proxy Manager and Vaultwarden are in stacks on Docker on a different machine and all goes out through Untangle firewall to a dynamic IP updated on Cloudflare. My setup could be different to others but actually, that isn't part of the issue and my response here will hopefully serve to help someone in the future. If thats the case, you need to configure your router to ignore your domain in the rebind protection. This probaply doesn't work because your router will lilekely provide you with a local DNS server which prevents public domains to be resolved to private IPs (DNS rebind protection). So because you are talking a lot about DNS and it doesn't seem to work, I'm guessing your domain, hosted on a public DNS server, points to a private IP address within your home network. What's even your goal? Do you want to use the bitwarden app from your home network and the public internet? Do you use your own DNS server in your local network? Does the domain you use to connect to vaultwarden point to your public IP or to the private IP of the NAS? Do you have enabled port forwarding for your reverse proxy? I don't really understand what your setup is and I don't understand the problem either. ![]() What Is SelfHosted, As it pertains to this subreddit?įor me it's simple because I host it on an server with an own public IP behind an NGINX reverse proxy, so ne loops, always public internet. Also include hints and tips for less technical readers. We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Service: Blogger - Alternative: WordPress Service: Google Reader - Alternative: Tiny Tiny RSS Service: Dropbox - Alternative: Nextcloud While you're here, please Read This FirstĪnd why not Visit the Official Wiki Github?Ī place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |