I use BookStack and with Node Red I export to PDF the books as soon as pages get updated, so if everything goes feet up, I have all the documentation in PDFs (locally and automatically uploaded to a free DropBox account, still done with Node Red).
But the attacker should know the internal and the external DNS. If the internal DNS doesn't have any SSL certificate on its name, it's impossible to discover.
By the way, I always suggest to reach services through VPN and use something like Cloudflare tunnel for services that must be public.
P.s. Shouldn't public and private DNS be inverted in your curl example?
My point is that you can't compare today's problem with 20 years ago! 20 years ago the access to the Internet was through the home PC for the amount of time the kid was allowed to use and with people in the house (usually); today the access to the Internet for a kid is 24/7 and everywhere. There is no comparison. Parents should be more present in the kids life? Sure! Parents should block Internet access to porn website at least until a certain age? Yes! But most of them doesn't even know that ths is possible. Maybe we (society, givernment) should work more here.
Guys, come on, in the '80/early '90 it was almost impossible to have access to porn, maybe some magazine found somewhere. Today a 10 years old can see porn video on a smartphone everytime he wants! You can't say that it's the same!
P.s. In my original message I didn't say that I'm ok with that law, I was asking (to start a kind discussion) what other possibilities there are.
In fact I wrote:
The firsts with wide Internet access were the late millennials.
which seems to be you.
I know, but what were the risks there? There was no Internet! The firsts with wide Internet access were the late millennials.
Or just point secret.local.mydomain.com to the LAN IP of the server.
To avoid opening ports, have a look at Cloudflare tunnel.
I agree with what you say, but how can we prevent kids to use those websites? Todays parents are too IT ignorant and they don't know that they can protect their kids by using tools that they already have (parental control on smartphones and routers). So, how do we protect those kids? Pornography (for example) can do huge damage to kids.
No way! For just 1 reason: I will have to learn another new thing and replace it in about 6 servers. I value my time and for now Proxmox is fine.
P.s. Incus seems nice though! NO, stop tempting me!!! I'm already in the rabbit hole with a gazilion of self hosted services and dozens piling up in the to do list ๐๐๐
So it's the use of a browser within a browser? Is it any different than just using Firefox containers (they are AWESOME!!!) and a VPN add-on?