I know this is a pain but I would like to point a domain at my NodeRed. I've hosted a local site myself many years ago. I remember it being a real chore to get it set up. I was a web developer for a while but I never did this kind of work.
As I search around the waters are muddy on how to do this.
If you have not at least setup user/pwd access to your node-red then there is a good chance it has already been hacked, so you may need to rebuild your system.
After you have stopped the port forwarding and stopped node-red (as it may now be running flows that go out over the internet, mining crypto etc) then see this FAQ post for advice on how to safely access node-red over the internet.
ok, I think I have the DNS set up, I'm waiting for it to propagate.
Now I have questions as to which port to open up on my local router. of course node red works on 1880. But I'm also using grafana and influxdb which work on ports 3000 and 8086. I also have apache running but I'm currently not using it but may in the future.
My router wants to see a range of ports, so something like this 80-8100. Seems like that would leave me pretty vulnerable. What are best practices here?
There are apparently robots probing ip addresses looking for node-red servers.
Make sure your settings.js and flows.json file have not been changed. Assuming this is a normal node-red install the flows can write to any file in your complete home folder, and anywhere else you have permission to write. Hopefully you are running node-red as a normal user, not as root.