Reverse Proxy Advice - Specifically Cloudflare

[Whiffle]

Hi there.

I am running Openmediavault on my home server and run a number of services on docker, including Home Assistant.

From all I have read, the recommended way to connect, outside of your home network, seems to be Cloudflare as reverse proxy, as you can avoid opening ports on your server.

There is also Docker container (cloudflared) that I can use to connect my server to Cloudflare.

I sort of get the theory behind all this but am just trying to understand everything before I go ahead and set this up.

If I expose my HA docker to the internet in this way, is the only thing stopping others using it the username and password?

 

[Whiffle]

Thanks for confirming that.

The reason I ask is that I have a number of other Home Assistant add-ons, runing as containers, (nodered and zigbee2mqtt) that I would like to access from outside my home network. Neither of these has any password protection on it, so I shall need to try and see if I can set that up beforehand. I shall also look into ip restriction as a belts and braces approach.

What is the benefit, therefore, of using Cloudflare to begin with (as opposed to simple port forwarding)?

Am I correct in thinking that as Cloudflare is security service, it has the ability to screen out well-known malicious attacks before they hit my server?