My raspberrypi nextcloud version 14 seems to be working from within my LAN. I want to setup external access but am wondering why I would need to setup port forwards for 80 and 443? It seems crazy to open those ports externally.
My questions are:
Why do I need access on port 80 at all? I never want to interact with my cloud from the WAN using non-encrypted http and opening this port seems to be asking for trouble.
Why can’t I just forward a random (443XX) external port to the pi 443 port for security? My external access could be (https://A.B.C.D:443XX) where A.B.C.D is my external ip and XX are a randon 2 digit number. I have tried this but it does not seem to work. Why not?
I assume I only need TCP forwarding, not UDP. Is this correct?