caesartcs
commented
2 years ago So generally speaking, you don't want to expose port 81 to the public internet, just 80, 443. Ideally, good security practice would be to leave it internal and perhaps use a VPN to get into your network and access it that way.
If you are trying to remotely access your NPM dashboard from the internet, 2FA is another option and might be implemented in v3 (#1202). But there is potentially a way to do that today.
If you have your NPM proxy dashboard (I mean port 81) as a subdomain (which come to think of it, idk if you can. I think you should be able to), I would suggest you spin up Authelia and run through this guide https://thehomelab.wiki/books/dns-reverse-proxy/page/setup-authelia-to-work-with-nginx-proxy-manager
github-actions[bot]
My NPM is public internet facing, and it would make me sleep better at night if I could simply implement HTTP Basic Auth for the NPM admin portal itself, but it doesn't seem supported.