Security concern - HA login page exposed to the internet

jkoenig72 · April 20, 2023, 8:39am

Hi,

I love the haaska work. It works like a charm, all set up with nginx proxy, let’s encrypt and duckdns.

What I do not like is that the HA login page is exposed on the internet in my current setup.

I would like to see HA login page only when I connect from the LAN, only and I can dial in via VPN if that is needed. So I want HA communicating to AWS obviously but not that HA GUI is exposed.

Any idea how to stop that?

jkoenig72 · April 20, 2023, 8:51am

For those of you have the same issue -

I added block access to / but allow access to /api in the custom location for the HA config in nginx proxy.

For / I added HTTP 127.0.0.1 port 1234 - nothing is running there and now it returns bad - gateway.

Best would be not doing or reply anything. any idea how to do this?