this post was submitted on 25 Dec 2023
31 points (97.0% liked)
homelab
6720 readers
5 users here now
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Security comes in layers. If someone compromises your DNS server, or switch, (or does arp poisoning, etc etc) for example, but not the reverse proxy, (and it resolves backend via DNS and it doesn't validate/pin certs), they could intercept the traffic transparently. If you have SSL on that link, it massively reduces the attack potential.