Advice on any security concerns accepting HTTP posts from public facing port?

Hi All,

For those using NR in the enterprise: I need to have a flow that is essentially a custom HTTP webhook receiver (the incoming information is not confidential in any way), collecting information from devices that are online but cannot connect via VPN.

Although I've been using NR for a while now, I've not put anything out on a public-facing connection before and just want to make sure those of you with more experience don't see an issue.

My NR install is running as a regular (non-root) user.
My webhook receiver is not on port 80 and is on a different port from my dashboard port.
The webhook incoming port is the only hole in the firewall.
The NR instance is in an isolated DMZ that can only forward verified messages to an SQL server.
The NR dashboard is "secure" and can only be accessed from my admin machine.

I have safeguards in place for getting junk/malicious incoming posts and I've attempted to handle DoS attacks.

Are there any concerns you see in this kind of setup?

Thanks for any insights!


There have been recent reports about hacked Node-RED instances, right after ports have been opened on routers. Hence I'd be really, really careful. There are bots waiting for you. And I guess it's independent of the ports you use.

Do you use parameters and/or stored procedures, or constructed SQL insert strings? This is important to avoid SQL injection hacks.


This looks good on casual read.

As long as you are validating the webhook inputs correctly and not allowing any other access to the server, you should be good.

From your post, I assume you don't need any lessons on validating remote inputs :)

For others, you need to do things like limit input parameter sizes, validate everything, ...

Thankfully, that doesn't apply here as only the webhook URL is open, nothing else.

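To make the two points raised in the replies concrete (parameterised SQL rather than constructed insert strings, and validating and size-limiting every webhook input), here is an added example written in the style of a Node-RED Function node. It is not code from this thread or from the Node-RED project. The payload schema (deviceId, metric, value, ts), the `readings` table, the size and rate limits, and the `{ query, params }` output shape are all assumptions; the output would need to be mapped onto whatever SQL node is in use, and the rate-limit state would live in flow context rather than a module-level Map inside a real flow.

```javascript
// Added example (not from the thread): validate a public webhook payload,
// rate-limit by source address, and hand off a parameterised INSERT.
// Schema, table name and limits below are assumptions for illustration.

const MAX_BODY_BYTES = 2048;      // reject oversized bodies before doing any work
const ALLOWED_FIELDS = ['deviceId', 'metric', 'value', 'ts'];
const DEVICE_ID_RE = /^[A-Za-z0-9_-]{1,32}$/;   // short, conservative identifier
const METRIC_RE = /^[a-z][a-z0-9_]{0,31}$/;
const MAX_TS = 4102444800;        // 2100-01-01, upper bound for a unix timestamp

// Validate a raw body (string, or object if the http-in node already parsed it).
// Returns { ok: true, data } with a freshly built object, or { ok: false, reason }.
function validateWebhook(body) {
  const raw = typeof body === 'string' ? body : JSON.stringify(body);
  if (typeof raw !== 'string') return { ok: false, reason: 'unreadable body' };
  if (Buffer.byteLength(raw, 'utf8') > MAX_BODY_BYTES) return { ok: false, reason: 'body too large' };
  let obj;
  try { obj = JSON.parse(raw); } catch (e) { return { ok: false, reason: 'invalid JSON' }; }
  if (obj === null || typeof obj !== 'object' || Array.isArray(obj)) {
    return { ok: false, reason: 'body must be a JSON object' };
  }
  // Allow-list the fields: anything unexpected is rejected, not silently forwarded.
  for (const k of Object.keys(obj)) {
    if (!ALLOWED_FIELDS.includes(k)) return { ok: false, reason: 'unexpected field: ' + k };
  }
  const { deviceId, metric, value, ts } = obj;
  if (typeof deviceId !== 'string' || !DEVICE_ID_RE.test(deviceId)) return { ok: false, reason: 'bad deviceId' };
  if (typeof metric !== 'string' || !METRIC_RE.test(metric)) return { ok: false, reason: 'bad metric' };
  if (typeof value !== 'number' || !Number.isFinite(value)) return { ok: false, reason: 'bad value' };
  if (!Number.isInteger(ts) || ts < 0 || ts > MAX_TS) return { ok: false, reason: 'bad ts' };
  // Return only the validated fields, so nothing from the raw body leaks downstream.
  return { ok: true, data: { deviceId, metric, value, ts } };
}

// Build a parameterised INSERT: values travel as bound parameters, never
// concatenated into the SQL text, so a crafted field cannot change the statement.
function buildInsert(data) {
  return {
    query: 'INSERT INTO readings (device_id, metric, value, ts) VALUES (?, ?, ?, ?)',
    params: [data.deviceId, data.metric, data.value, data.ts],
  };
}

// Fixed-window rate limit per source address (assumed limits). In a real flow
// keep this state in flow context; a Map is used here so the example runs alone.
const RATE_WINDOW_MS = 60 * 1000;
const RATE_MAX = 60;
const rateState = new Map();      // ip -> { windowStart, count }
function allowRequest(ip, now = Date.now()) {
  const s = rateState.get(ip);
  if (!s || now - s.windowStart >= RATE_WINDOW_MS) {
    rateState.set(ip, { windowStart: now, count: 1 });
    return true;
  }
  s.count += 1;
  return s.count <= RATE_MAX;
}

// Function-node style handler: msg.payload is the body, msg.req.ip the source.
// Returns the msg to pass to an http-response node (and the SQL node on success).
function handleWebhook(msg, now = Date.now()) {
  const ip = msg.req && msg.req.ip ? msg.req.ip : 'unknown';
  if (!allowRequest(ip, now)) return { statusCode: 429, payload: { error: 'rate limited' } };
  const res = validateWebhook(msg.payload);
  if (!res.ok) {
    // Short error only; never echo the rejected body back to the sender.
    return { statusCode: 400, payload: { error: res.reason } };
  }
  const q = buildInsert(res.data);
  return { statusCode: 200, query: q.query, params: q.params, payload: { status: 'accepted' } };
}

module.exports = { validateWebhook, buildInsert, allowRequest, handleWebhook };
```

The design choice worth noting is that the validator returns a newly built object containing only the four expected fields, and the INSERT text never contains any request data; the SQL node receives the statement and the bound parameters separately, which is what "parameters rather than constructed insert strings" means in practice.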

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.