Is a Traefik IP whitelist safe? - eviltoast

So I’m hosting a lot of Docker containers, a lot of which are behind a Traefik reverse proxy. Is it safe to use IPWhitelist middleware? I want to ensure that only the LAN can access the services while using HTTPS, because some services (like Radarr and Sonarr) have a password and I don’t want that information sent without encryption / SSL.

Could someone spoof their client IP address and bypass the Traefik IP whitelist?

  • johntash
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    As an alternative, have you considered putting those services behind a vpn like tailscale/wire guard/head scale?