I have my Hassio instance running with Duckdns and encrypted via lets encrypt (part of the Duckdns addon). I added the SSL info to my node-red add on and everything has been working smooth for over 5-6 months now.
For some reason, I never noticed the Hassio Add-On Security rating was a 2 out of 5 and it made me wonder if there was anything I should be worried about? my understanding was that since Node-red was secured by the same credentials as my Hassio instant that I was good? or is there some other reason this has a 2/5 security rating?
