Is OAuth enough to secure public facing immich? #14377
Unanswered
rahulpsd18
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I am using cloudflare tunnel to expose my immich for external access.
I have setup OAuth with Google as provider following this guide. Google account has 2FA enabled.
I have set up the Policy in cloudflare to only allow whitelisted emails.
Auto Register is disabled and Password login has been turned off in immich.
Mobile app login is working perfectly too.
Is this setup secure? or should I look into crowdsec/fail2ban/etc?
Is there a guide on best practices to follow if using cloudflare tunnel?
Beta Was this translation helpful? Give feedback.
All reactions