Hey All,
I know this is a pain but I would like to point a domain at my NodeRed. I've hosted a local site myself many years ago. I remember it being a real chore to get it set up. I was a web developer for a while but I never did this kind of work.
As I search around, the waters are muddy on how to do this.
If you have not at least set up user/pwd access to your node-red then there is a good chance it has already been hacked, so you may need to rebuild your system.
After you have stopped the port forwarding and stopped node-red (as it may now be running flows that go out over the internet, mining crypto etc) then see this FAQ post for advice on how to safely access node-red over the internet.
OK, I think I have the DNS set up, I'm waiting for it to propagate.
Now I have questions as to which port to open up on my local router. Of course Node-RED works on 1880. But I'm also using Grafana and InfluxDB, which work on ports 3000 and 8086. I also have Apache running but I'm currently not using it but may in the future.
My router wants to see a range of ports, so something like this 80-8100. Seems like that would leave me pretty vulnerable. What are best practices here?
Best practice is to use a correctly configured proxy and only open port 443 (https). Don't expose InfluxDB directly to the Internet. Hide 1880 and 3000 (NR and Grafana) using the proxy.
You can use Apache as a proxy but it is quite resource hungry. Alternatives such as NGINX, Caddy, HAProxy, etc. would likely be more efficient.
There are apparently robots probing IP addresses looking for node-red servers.
Make sure your settings.js and flows.json files have not been changed. Assuming this is a normal node-red install the flows can write to any file in your complete home folder, and anywhere else you have permission to write. Hopefully you are running node-red as a normal user, not as root.
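One way to check the "only 443 open, hide 1880, 3000 and 8086" advice on the host itself, as an added example that is not part of the original thread: it parses `ss -tlnH` output and reports every listener other than 443 that is bound to a non-loopback address. The function names and the sample output are constructed for illustration.

```python
import ipaddress
import sys

# Ports taken from the thread: only the HTTPS proxy should be reachable
# from other hosts; the three backends should listen on loopback only.
ALLOWED_EXTERNAL = {443}
BACKENDS = {1880: "Node-RED", 3000: "Grafana", 8086: "InfluxDB"}

# Constructed sample of `ss -tlnH` output (not captured from a real host).
SAMPLE = """\
LISTEN 0 511  0.0.0.0:443      0.0.0.0:*
LISTEN 0 511  0.0.0.0:1880     0.0.0.0:*
LISTEN 0 4096 127.0.0.1:3000   0.0.0.0:*
LISTEN 0 4096 *:8086           *:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 128  [::1]:631        [::]:*
"""

def parse_listeners(ss_output):
    """Yield (address, port) for each LISTEN line of `ss -tlnH`."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        # Drop IPv6 brackets and any %interface suffix.
        yield addr.strip("[]").split("%")[0], int(port)

def is_loopback(addr):
    """True only for 127.0.0.0/8 and ::1; wildcards count as exposed."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # "*" or anything unparsable: assume reachable

def audit(ss_output):
    """Return sorted (port, address, service) tuples that need attention."""
    findings = set()
    for addr, port in parse_listeners(ss_output):
        if not is_loopback(addr) and port not in ALLOWED_EXTERNAL:
            findings.add((port, addr, BACKENDS.get(port, "other service")))
    return sorted(findings)

if __name__ == "__main__":
    # Pipe real output in (`ss -tlnH | python3 thisfile.py`) or run bare for the sample.
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for port, addr, name in audit(text):
        print(f"exposed: {name} on {addr}:{port}")
```

This only shows what the host is listening on; the router's port-forward rule still has to be limited to 443 separately.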