Security guides for people who self-host — how to expose less, segment more, patch properly, back up safely, and avoid turning your homelab into an easy target. Practical, not enterprise theatre.
Threat model first: most homelab breaches come from exposing an admin panel to the internet or skipping backups — not exotic attacks. Start with the basics below.
Core guides
Lock Down Your Homelab
The baseline: what to expose, what to keep internal, and the settings that matter most.
Read the guide →Home Network Security
VLANs, segmentation and keeping IoT/cameras off your main network.
Read the guide →Secure Your Docker Stack
Non-root containers, network isolation, secrets, and safe reverse-proxy exposure.
Read the guide →Backup & Disaster Recovery
3-2-1 backups, snapshots, and actually testing that you can restore.
Read the guide →Safe remote access
Reverse proxy done rightPlanned
Caddy/Nginx Proxy Manager with TLS, auth, and only what needs to be public.
Tailscale / Cloudflare TunnelPlanned
Reach your services without opening ports on your router.
Ongoing hygiene