Securing Node-RED on a Omega 2 Pro
How do I best secure Node-RED on an Omega 2 Pro?
It seems to me that what gets installed via the Onion OS does not include support for the security settings. I've tried installing the missing bits but it seems that the Omega doesn't have a sufficient grunt to calculate password hashes in a reasonable time.
Given that the Node-RED UI is accessible via Onion OS I'd be happy to simply prevent direct access via port 1880 and hence authenticate via Onion OS first.
I've tried adding some custom iptables rules to DROP traffic to port 1880 but my efforts have also prevented access from within the Onion OS UI.
Is there a way to block direct access to port 1880 while still allowing access via the Onion OS UI?
Whats actually going on here? Is there some sort of reverse proxy happening which allows access to Node-RED via Onion OS on port 80?