Expose node red to internet without open port forwading

hi everyone, in install node red in my computer in local network, how to access node red from internet without open port on router.

My suggestion: use vpn

1 Like

It's best to avoid any system being exposed to the Internet if you can help it. I was looking for a way to get events from the Internet into node-red and I ended up using dweet.io.That way I did not need to have anything exposed, I just needed to check a URL to get the latest event.

another alternative, not mentioned in previous posts and links: webhookrelay

1 Like

It should, of course, be noted that options using intermediate gateways may not be any more secure than rolling you own. Indeed, they may be a lot worse in some respects since it is hard to be sure that they are doing things right.

Thanks for mentioning it! :slight_smile:

So the node-red-contrib-webhookrelay provides a way to safely receive & process webhooks without any public IP or domain configuration. If that's enough, then it's great. You can achieve a lot with just with - getting webhooks from Zapier, IFTTT and many other services directly inside your flows.

However, it doesn't allow you to access Node-RED through the browser. To solve that problem (if there's a need) I would recommend checking out TLS pass-through tunnels with Home Assistant. I can write a guide on how to do it without HA as well, as I personally just have a Docker Compose that starts Node-RED, webhookrelayd container and some other services.

The idea behind TLS pass-through is that HTTPS termination happens on your own machine while Webhook Relay servers act only as dumb pipes so the service cannot spy on you even if it was forced to. Service is not free as there are infrastructure & time costs but I do try to price it reasonably - $4.5/m :slight_smile: If you want a free trial for tunnels, please let me know. Free tier includes webhooks and 1 tunnel (however no HTTPS there so don't use besides demos as it's not safe).

There are such costs for everyone in here who is contributing in some way...not to forget the costs IBM has absorbed for financing the creation of Node-RED itself

I think a better solution is to dedicate a RPi and create your own VPN server

1 Like