After installing NodeRed for the first time, you can usually access the NodeRed configuration interface without much hassle. This is handy because you can start directly with the configuration.
Unfortunately, it is dangerous too. Because if anyone on the network can access the NodeRed configuration interface, it means that anyone on the network can execute commands on the system.
Here you should make access as difficult as possible. Especially once you unlock access to the NodeRed configuration over the Internet, this is a must. Otherwise your own RaspberryPi will probably not work very fast not only for your own NodeRed server but also for the next bot network.
An important step in making access to NodeRed more difficult is to set up a user login for the configuration interface. How you set this up is explained in the following article.
The article NodeRed - Encrypt connection also describes how you can encrypt the connection to your NodeRed configuration. Connection encryption is another important security benefit, especially if you want to access your NodeRed configuration over the Internet.
Hints for our lovely english readers: Basically, many of the articles on Nerdiy.de are translations from the original german articles. Therefore, it may happen here and there that some illustrations are not available in english and that some translations are weird/strange/full of mistakes or generally totaly wrong. So if you find some obvious (or also not obvious) mistakes don't hesitate to leave us a hint about that in the comment section.
Also please don't get confused, that instead of a "dot" often a "comma" is used as decimal separator. 🙂
Safety instructions
I know the following hints are always a bit annoying and seem unnecessary. But unfortunately, many people who knew it "better" from carelessness lost their eyes, fingers or other things or hurt themselves. In comparison, a loss of data is almost not worth mentioning, but even these can be really annoying. Therefore, please take five minutes to read the safety instructions. Even the coolest project is worth no injury or other annoyance. https://www.nerdiy.de/en/sicherheitshinweise/
Affiliate links / advertising links
The links to online stores listed here are so-called affiliate links. If you click on such an affiliate link and store via this link, Nerdiy.de receives a commission from the online store or provider concerned. The price doesn't change for you. If you do your purchases via these links, you will support Nerdiy.de in being able to offer further useful projects in the future. 🙂
Requirements
Helpful Articles:
Of course NodeRed should already be installed so that you can take over this configuration. In addition, the Sonoff RF Bridge should already be prepared.
How to prepare this and a RaspberryPi and then install NodeRed on it is described in the following articles.
RaspberryPi - Setting up for Nerdiys!
RaspberryPi - The first configuration
RaspberryPi - Controlling the RaspberryPi via SSH
NodeRed - Installing NodeRed on the RaspberryPi
Required tools:
-none-
Required material:
In the following list you will find all the parts you need to implement this article.
Log in via SSH on the RaspberryPi
To get started, you first need to log in to RasPi with SSH on Putty. How to do it is described in the article

Update package management
The package management in Linux is a "central point" over which various software packages can be installed. For this to work reliably, the lists and sources of package management should be updated before installing any new packages.

sudo apt-get update && sudo apt-get upgrade



Password generate hash value
The password for your user interface will be entered later in the configuration file of your NodeRed installation. Since it is a security risk to save passwords as plain text (ie unencrypted) in configuration files, in this case a hash value of your password is generated and entered in the configuration file. The hash value does not directly indicate the password.
So that you can generate the hash value, it is recommended to install the "node-red-admin" tools.
The command is:
sudo npm install -g node-red-admin

After the installation is complete you can call the hash value generator with the following command:
sudo node-red-admin hash-pw


Enter the user name and hash value in the config file
Now you open the configuration file of your NodeRed installation
sudo nano /home/pi/.node-red/settings.js







Restart NodeRed
So that the changes are now also adopted, you have to restart your NodeRed installation once. This is done with the following command:
sudo service node red restart

Have fun with the project
I hope everything worked as described. If not or you have any other questions or suggestions, please let me know in the comments. Also, ideas for new projects are always welcome. 🙂
P.S. Many of these projects - especially the hardware projects - cost a lot of time and money. Of course I do this because I enjoy it, but if you appreciate that I share this information with you, I would be happy about a small donation to the coffee box. 🙂
Quick question is the whole thing under Portainer?
Once I've created a container, it takes me straight to nodered's page
Hi Mathias,
you mean you installed NodeRed as a docker container?
The same should actually work there. You probably connected the NodeRed user data to the file system of your host via a share, right?
Then you should also be able to edit the settings.js and Co. 🙂
Best regards
Fabian