You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When I've found YaCy I was excited because I like decentralized projects and oftenly participate in them at least being a part of the P2P network.
But when I started to learn how I can set up my own node I started to feel discomfort about how it's done now.
The most important of my concerns was that fact that YaCy uses only two ports: HTTP and HTTPS (as far as I understand).
I read the FAQ and discovered that the 8090 port is used for peer data exchange and web interface at the same time (here for P2P and here for web interface).
That was a shock for me. It meant that I can't participate in the network without making my search engine public or using very complicated schemes with reverse proxy and query filtration.
I saw that you can disable search engine access for non-admin users but it still means that you must expose too much to the public and trust that YaCy's security is strong enough. Also you're making the search less friendly to the users when require authentication.
I believe that P2P and web interface ports must be separated so you can for example proxy P2P port to the public for data exchange but still have private search interface which is accessible only for you.
The simplest use-case scenario which benefits from this is internal LAN search service which indexes the whole Internet and freely accessible from LAN without any restrictions but closed for WAN. Such server will be useful network participant and will not (as far as P2P part can be simple and secure) cause any risks for those who administer it.
The text was updated successfully, but these errors were encountered:
When I've found YaCy I was excited because I like decentralized projects and oftenly participate in them at least being a part of the P2P network.
But when I started to learn how I can set up my own node I started to feel discomfort about how it's done now.
The most important of my concerns was that fact that YaCy uses only two ports: HTTP and HTTPS (as far as I understand).
I read the FAQ and discovered that the 8090 port is used for peer data exchange and web interface at the same time (here for P2P and here for web interface).
That was a shock for me. It meant that I can't participate in the network without making my search engine public or using very complicated schemes with reverse proxy and query filtration.
I saw that you can disable search engine access for non-admin users but it still means that you must expose too much to the public and trust that YaCy's security is strong enough. Also you're making the search less friendly to the users when require authentication.
I believe that P2P and web interface ports must be separated so you can for example proxy P2P port to the public for data exchange but still have private search interface which is accessible only for you.
The simplest use-case scenario which benefits from this is internal LAN search service which indexes the whole Internet and freely accessible from LAN without any restrictions but closed for WAN. Such server will be useful network participant and will not (as far as P2P part can be simple and secure) cause any risks for those who administer it.
The text was updated successfully, but these errors were encountered: