Node Red GUI Behind a VPN but allow inbound call in outside of VPN


Is there two separate ports node red runs on? one for inbound traffic and one for GUI?

We have node red deployed in the cloud. We changed the default port in the settings file and running https, secured behind authentication.

Ideally I want to lock the GUI behind a VPN so you have to be on our VPN for the administration. However I still need things like webhook subscription from outside services to be able to access the flows to process incoming data.

Is that even possible?
thanks in advance

No. But they do use different paths so if you really wanted to, you might be able to use a reverse proxy to split the paths onto separate ports.

Yes, it should be - but you will need the help of NGINX, Caddy, HAproxy or something similar. You would use one of them to block access to the editor except from specific IP addresses.

1 Like

Thank you, started a dialogue with our infrastructure team, they are deploying in kubernetes cluster, but they have no node-red experience.