jookies / jasmin

Jasmin - Open source SMS gateway
http://jasminsms.com

1401/metrics not protected #1083

Closed agossouvi closed 1 year ago

agossouvi commented 1 year ago

Hi, {IP_server}:1401/metrics is not protected... Can you fix that?

farirat commented 1 year ago

What do you mean by "protected"? If it's meant to be secured with authentication, then since this is not a user-centric endpoint it must not be exposed externally; it's only for internal networks, for example for observability in a Kubernetes cluster. If you are exposing Jasmin's 1401 port to the public, then you'll need to put a reverse proxy in front of it and filter incoming requests to only allow user-centric endpoints like /send, /balance ...

agossouvi commented 1 year ago

Thank you for your quick reply. Yes, it is, "insecure" is the correct term. I understand your logic.

Do you have a recommendation for the reverse proxy? Thanks.

farirat commented 1 year ago

There's no specific requirement; it can be the good old httpd or nginx, traefik ...

agossouvi commented 1 year ago

Ok, thanks!
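
The filtering reverse proxy described in the thread, sketched as an nginx configuration. This is an added example, not part of the original comments and not configuration shipped by the Jasmin project. It assumes Jasmin's HTTP API listens on 127.0.0.1:1401 on the same host; the hostname and certificate paths are placeholders.

```nginx
# Added example: allowlisting proxy in front of Jasmin's HTTP API.
# Assumption: Jasmin's port 1401 is bound to loopback (or firewalled)
# so that it is reachable only through this proxy.
upstream jasmin_http {
    server 127.0.0.1:1401;
}

server {
    listen 443 ssl;
    server_name sms.example.com;                      # placeholder

    ssl_certificate     /etc/nginx/tls/example.crt;   # placeholder
    ssl_certificate_key /etc/nginx/tls/example.key;   # placeholder

    # Allowlist: only the user-centric endpoints named in the thread.
    # Exact-match locations, so /send is forwarded but /sendX is not.
    location = /send {
        proxy_pass http://jasmin_http;
    }

    location = /balance {
        proxy_pass http://jasmin_http;
    }

    # Default deny: /metrics and every other path never reach Jasmin.
    location / {
        return 404;
    }
}
```

The proxy only helps if port 1401 itself is not reachable from outside; otherwise a client can bypass it and query /metrics directly. Internal scrapers on the trusted network can keep reading /metrics from the backend port.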