
How to safely expose Node RED to the Internet

Julian Knight edited this page Feb 10, 2017 · 24 revisions

These are notes and ideas prior to writing a recipe for the cookbook.

What needs to be done to make NR secure when exposed to the Internet?

  • Always use HTTPS to encrypt the traffic between the client browser and the Node-RED service.
  • Consider using a non-standard IP port >1024.
  • Apply protection to the editor and admin API (using the built-in password security adminAuth or using ExpressJS middleware)
  • Apply protection to the user interface pages (using the built-in password security httpNodeAuth and httpStaticAuth or using ExpressJS middleware)
  • Consider putting Node-RED behind a reverse proxy such as NGINX, HAProxy or Apache Web Server. These can be used to terminate HTTPS, possibly provide a login front-end, and mitigate various attacks.
  • Consider preventing direct access to the Node-RED web service by using a content delivery network such as Cloudflare. This can be used to provide better HTTPS security and to mitigate various attacks. Only allow Internet access to NR from Cloudflare, so that all external traffic is forced through the CDN.
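
As an added example (not part of the original notes or of Node-RED itself), the sketch below audits a settings.js-style object against the checklist above and reports which protections are missing. The setting names (uiPort, https, adminAuth, httpAdminRoot, httpAdminMiddleware, httpNodeAuth, httpNodeMiddleware, httpStatic, httpStaticAuth) are Node-RED's own; the function auditSettings, the option tlsAtProxy, the finding labels and both sample objects are assumptions constructed for illustration.

```javascript
// Added example: audit a Node-RED settings object against the checklist above.
// Setting names are Node-RED's; auditSettings, opts.tlsAtProxy and the samples are constructed.
const isSet = (v) => v !== undefined && v !== null && v !== false;
const isBcrypt = (s) => typeof s === "string" && /^\$2[aby]\$/.test(s);

function auditSettings(s, opts = {}) {
  const findings = [];
  const port = s.uiPort === undefined ? 1880 : Number(s.uiPort); // 1880 is the default
  // TLS is either terminated by Node-RED (https) or by a proxy/CDN in front of it.
  if (!isSet(s.https) && !opts.tlsAtProxy) findings.push("traffic-not-encrypted");
  if (!(port > 1024)) findings.push("port-not-above-1024");
  if (s.httpAdminRoot !== false) { // httpAdminRoot: false disables the editor entirely
    if (!isSet(s.adminAuth) && typeof s.httpAdminMiddleware !== "function") {
      findings.push("editor-unprotected");
    }
    const users = Array.isArray(s.adminAuth && s.adminAuth.users) ? s.adminAuth.users : [];
    if (users.some((u) => !isBcrypt(u.password))) findings.push("admin-password-not-bcrypt");
  }
  const nodeMw = typeof s.httpNodeMiddleware === "function";
  if (!isSet(s.httpNodeAuth) && !nodeMw) {
    findings.push("http-nodes-unprotected");
  } else if (isSet(s.httpNodeAuth) && !isBcrypt(s.httpNodeAuth.pass)) {
    findings.push("http-node-password-not-bcrypt");
  }
  // This check only recognises httpStaticAuth for the static file route.
  if (isSet(s.httpStatic) && !isSet(s.httpStaticAuth)) findings.push("static-files-unprotected");
  return findings;
}

const HASH = "$2b$08$PLACEHOLDER-not-a-real-bcrypt-hash"; // constructed placeholder
const weak = { uiPort: 80, httpStatic: "/srv/static" };   // constructed sample
const hardened = {                                        // constructed sample
  uiPort: 8443,
  https: { key: "<PEM key>", cert: "<PEM cert>" },
  adminAuth: { type: "credentials",
               users: [{ username: "admin", password: HASH, permissions: "*" }] },
  httpNodeAuth: { user: "dashboard", pass: HASH },
  httpStatic: "/srv/static",
  httpStaticAuth: { user: "dashboard", pass: HASH },
};

console.log("weak:", auditSettings(weak));
console.log("hardened:", auditSettings(hardened));
```

Pass `{ tlsAtProxy: true }` as the second argument when HTTPS is terminated by the reverse proxy or CDN rather than by Node-RED.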