API Access Control

Controlling access to a node plays a vital role in security. The following configurable flags are available to control the access to your node:

{
  "modules": {
    "http_api": { (1)
      "enabled": true, (2)
      "access": { (3)
        "public": false, (4)
        "whiteList": ["127.0.0.1"], (5)
      },
    }
  }
}
1 Contains options for the API module.
2 Controls the API’s availability. If disabled, no API access is possible.
3 Contains API access options.
4 If true, the API endpoints of the node are available to public.
5 This parameter allows connections to the API by IP. Defaults to only allow local host.

The recommended setup is to configure a whitelist for only trusted IP addresses, such as your home connection. Use IPV4 addresses only as the whitelist does not support IPV6.

To set up a public wallet, simply leave the modules.http_api.access.whitelist array empty.

For optimal security, disable all access setting modules.http_api.enabled to false.

This last configuration may prevent monitoring scripts from functioning.