Control API access
Controlling access to a node plays a vital role in security. The following configurable flags are available to control the access to your node:
{
"modules": {
"http_api": { (1)
"enabled": true, (2)
"access": { (3)
"public": false, (4)
"whiteList": ["127.0.0.1"], (5)
},
}
}
}
1 | Contains options for the API module. |
2 | Controls the API’s availability. If disabled, no API access is possible. |
3 | Contains API access options. |
4 | If true, the API endpoints of the node are available to public. |
5 | This parameter allows connections to the API by IP. Defaults to only allow local host. |
The recommended setup is to configure a whitelist for only trusted IP addresses, such as your home connection. Use IPV4 addresses only as the whitelist does not support IPV6.
To set up a public wallet, simply leave the modules.http_api.access.whitelist
array empty.
For optimal security, disable all access setting modules.http_api.enabled
to false
.
This last configuration may prevent monitoring scripts from functioning. |