pi-hole question on security
So I spun up a VPS and dropped pi-hole on it, and have now entered an advertising bliss-filled existence, etc. I'd rather have it on something reliable like a VPS at a reputable provider rather than an actual pi or a PC in my house, because if it breaks I can say "honey, it's @jarland 's fault you can't watch the Black List, not mine".
nmap looking from the outside, I've got http running on port 80...easy to protect with basic auth and pi-hole has its own auth.
But does pi-hole expose me to DNS reflection attacks, etc.?
I'm not sure I can practically firewall this because my home ISP provides a dynamic IP that sometimes changes. I could look at whatever the firmware has for VPN support (and add a VPN to this VPS) but frankly (a) that's a hassle, (b) I'm lazy, (c) I don't want all my traffic going through that VPS because I'd have to buy extra bandwidth, etc. Just DNS.
I do use afraid.org's dynamic DNS...worse case I guess I could have a script that resolves my home IP every hour and modifies an iptables ruleset...just wondering if there's a simpler way, or if this vulnerability is all in my head.
I thank you in advance.
For LET support, please visit the support desk.