Configure Secure Node-Red basically

Hello, i am new in node-red. So for basic security, i imagine for node-red dashboard make public without password and for node-red editor make secured by enable user and password login.
Is it possible to make this.

Thanks

Muksidin

Hi,

Welcome to the forum @muksidin, what exactly do you mean by "make public" ?

If you are thinking of making it accessible to the internet - Stop right there and take a look at this -

See this FAQ post for advice on how to safely access node-red over the internet.

Basically, don't make the Editor accessible from the Internet.

If you need remote access to the Editor, use a 3rd-party security proxy such as Cloudflare Zero Trust.

In fact, best to make Dashboard also only available via the secure proxy.

CF ZT allows you up to 50 users on the free tier so should be more than enough for the Editor.

make public means the dashboard can be accessed without entering a password. so anyone can access it

Do you mean anyone in the world with internet access?

No, i configure for local network. So here, for access the editor need authentication and for dashboard no need or other words freely access.

The documentation has a section on securing node-red.
From what you say above, the relevant bit for you is https://nodered.org/docs/user-guide/runtime/securing-node-red#editor--admin-api-security

In your settings.js file is a section like this

Uncomment (remove the leading // characters) from the 8 lines starting from //adminAuth: {
You may wish to change the username from "admin" to something else.
Replace the stuff between password: " and " at the end of that line with a password hash that you create (see the documentation linked above for how).

Now restart node-red.
It will not ask for the password every time.

Thanks for your answer guys. :slightly_smiling_face:

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.