2
I'm using these instructions to set up a Pi-Hole on an Always Free Google Compute Server.
The end goal is to route DNS requests to it from my Google Wi-Fi home router, as well as being able to use it through my phone when I'm out and about. (Also giving friends and family access)
I can't set up a VPN with the Google Wi-Fi router- Custom DNS only, but it seems like I could restrict access to the compute instance by only allowing my home network access through Google Compute firewall rules. (Home network has a static IP)
The problem with that, is that would exclude me from using it with my phone.
I think I'm attacking the problem the wrong way. I'd love to be able to simply point my phone and home network to the compute instance via custom DNS. The problem with that is that I'm endangering the internet if I allow the server to be publicly accessible.
Is there another, perhaps more creative way, of going about this?
In the comments on this page, there's a suggestion to use some iptable tools like fail2ban. Is that good practice?
Matt Zabojnik
Posted 2019-03-12T22:33:03.190
Reputation: 123
2Unless I'm misunderstanding you, I don't think this is really a security question; more a question about how to configure a product that happens to have some use-cases that involve security. You've already understood that exposing the server to the internet is a bad idea, so the rest is just about configuring the features available to you in a functional way. I've voted to migrate this question to SuperUser since that's probably a better venue for it. – Polynomial – 2019-03-12T22:44:43.383
Ahh, got it. I'll move the question. – Matt Zabojnik – 2019-03-12T22:45:31.900
Turns out, I can't delete the question, at least for mobile. I agree, it is misplaced. – Matt Zabojnik – 2019-03-12T22:47:31.270
Do not delete or repost the question. It will be automatically moved if enough users vote to close, or if a moderator unilaterally migrates it. – Polynomial – 2019-03-12T22:48:42.130