Suggestion - Switch new advanced access settings default to ON #901
Comments
|
Happy to see discussion on this. From my perspective we added these options to make things more secure, and leaving them on by default doesnt achieve that goal. So I prefer off by default. |
|
Enhanced security is a fine goal and has my full support, but not at the cost of UX, especially for new or inexperienced users. What do you think or recommending they be off, but having them on by default to prevent users from having issues administering their nodes? |
|
So after some discussion this evening with the devs it was agreed that that the firewall should be open by default as you suggest here. Look for an incoming fix later today. |
|
Thanks!
…On Tue, Jul 18, 2023, 9:21 PM Tim Wilkinson ***@***.***> wrote:
So after some discussion this evening with the devs it was agreed that
that the firewall should be open by default as you suggest here. Look for
an incoming fix later today.
—
Reply to this email directly, view it on GitHub
<#901 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ARKNSMWEJN5RRC6MMAKM4Y3XQ5ODLANCNFSM6AAAAAA2NZUWLM>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
A couple times I've updated my nodes to the current nightly, I wasn't able to access it like I was before, and needed to go through a couple extra steps to get back into it before I could set the new access settings to ON.
Enable web access to the node from the WAN interface
aredn.@wan[0].web_access
Enable SSH access to the node from the WAN interface
aredn.@wan[0].ssh_access
I like having these options, but I'm concerned that new node operators may assume the AREDN firmware is broken if they flash the firmware and can't access the node. Resetting it to firstboot status wouldn't even restore access for them - they'd need to figure it out on their own or go to forums, making for a worse user experience.
I strongly suggest switching the default setting for these two settings to ON.
The text was updated successfully, but these errors were encountered: