i've tried to find this since i'm sure others have asked, but couldn't find the magic search words:
is there a (reasonably easy) way to :
a. make it so the ui is just ip address like http://192.168.1.10
b. make it so the editor is like http://192.168.1.10/editor
c. make it so the editor is password protected somehow, maybe htaccess, or something that can easily be overridden if you can ssh into the system
see ui
setting in the docs
see httpAdminRoot
setting in the docs
see httpAdminAuth
in (you guessed it) the docs 
PS, the magic search terms would be dashboard url
or dashboard ui endpoint
, httpAdminRoot
and httpAdminAuth
- tones of threads on the forum
Lastly, there is more info about Securing Node-RED here: Securing Node-RED : Node-RED
thank you, i try and be handy but without knowing the magic words, its quite hard to find whta you want. i'll review what you posted for me