securing the service - Githubissues

o4oren / Ad-Hoc-Email-Server

An ad-hoc disposable temporary mail server. Create and use ad hoc disposable mailboxes for testing or any other purpose.

Apache License 2.0

381 stars 92 forks source link

securing the service #47

Open lezioul opened 3 years ago

lezioul commented 3 years ago

Hi,

i don't want my self hosted instance to be available to anyone but me. I tryied adding an http auth in nginx but it keeps asking me for credentials. Any idea?

Best regards, lezioul

brodyhoskins commented 3 years ago

Do you mean it's asking repeatedly? That sounds like a browser issue caused by not sending the appropriate headers on each page load.

Also, I highly recommend securing this with HTTPS using basic HTTP authentication since without it, you're sending the username/password in plaintext.

lezioul commented 3 years ago

Yep, https is enabled. And Yes, it's asking repeatedly, but i have no issue with other reverse proxy using both nginx and node.js application.