Comment by traderj0e

15 hours ago

The VPS is your security in this case. It's not sending plaintext over the internet, is it?

Edit: No, the article mentions listening on port 80 at home. I thought they'd be SSH tunneling or something. That is unusual, but I guess for a static website it doesn't really matter.

2 comments

traderj0e

SahAssar 12 hours ago

> That is unusual, but I guess for a static website it doesn't really matter.

It sorta does matter. Either the actual raspi does nothing of value or the traffic has value that should be protected.

Sure, I heard the argument that public HTTP traffic does not need encryption but if it is of any value then both parties have a interest in it unmanipulated, uncenscored, validated or all of the before. Even if it is just preventing the ISP injecting dumb ads.

traderj0e 11 hours ago

Yeah that's a valid concern. Idk, nothing about this setup makes sense.