That may be true, but the ratio of salary to petitions is lowest for those firms and others like it -- consulting body shops which do not in and of themselves innovate.
Have you looked at running wireguard on your server and connecting to it from the pi. Then you have a vpn between server and the pi where you can send data in any protocol
I do this to expose services to the internet in a limited way. Wireguard link between a pi running, say, octoprint, and a vps. Then, the vps is running nginx or caddy as a reverse proxy over that wireguard link, giving me https access and even letting me add basic auth if I want another layer of authentication.
It's a shame that client-certificates is implemented in such a clunky way in most browsers and operating systems, because that could also be an easy way to achieve this even without installing anything.
We have built into a common layer in all our APIs to record the HTTP status code it is returning to a redis counter . We have a monitor job that runs every 1 minute checking the error % ( 200 vs others) and raise an alert when the threshold is exceeded. This way we get to know api failure errors and potential security issues such as http 403 returned %.
We also monitor the % requests logged every minute and if that drops by say 50% we know something is down.
