I have been using no-ip for around two years to remotely access my hosted service, I mostly use their free service except for a few 5 months offers I bought.

Recently, I received a full year offer in email for 8$ (COUPON CODE: MAY8), and I was wondering whether to get that or buy a 2 years domain for the same price (FROM hostinger or namecheap).

I have never bought a doamain before and my knowledge is limited to what I mostly read here. So, per your opinion, what would be better in term of usability and security, a DDNS on the router and a port open per hosted-service? or a domain with reverse proxy?

  • mhz@lemm.eeOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    7 months ago

    Would you please share what dynamic dns provider you use? I remember trying to set nginx pm to use my no-ip hostname (xyz.ddns.net) but I could not figure out how to link my hosted-services as subdomains (say portainer.xyz.ddns.net)

    • RunningInRVA@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      7 months ago

      I’m using Dynu for DDNS. They support subdomains as part of their DNS. You can configure nginx to service/route requests to each subdomain differently.

    • klangcola@reddthat.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      7 months ago

      Another option is subpaths: xyz.ddns.net/portainer

      Just one open port, to your reverse proxy (nginx or other).

      The client updating no-ip with your dynamic IP is independent of the reverse proxy software.

      • 486@kbin.social
        link
        fedilink
        arrow-up
        2
        ·
        7 months ago

        Another option is subpaths: xyz.ddns.net/portainer

        While you can do that, you should be aware of the security implications (every application can see and modify every other application’s cookies). If at all possible, I would try to avoid this setup.

        • rentar42@kbin.social
          link
          fedilink
          arrow-up
          1
          ·
          7 months ago

          I second that. This practice comes from a time where domain names were expensive, in many ways: SNI didn’t exist/wasn’t wide-spread, so each domain name on HTTPS needed a dedicated IP, Certificates weren’t democratized yet via letsencrypt/acme and most hosts were big enough to run multiple services, because virtualization wasn’t as widely available yet. So putting apps on sub-paths made sense.

          Now all of those things are basically dealt with and putting each app on its own sub-domain just makes way more sense.