Is hosting grafana on http a security concern?

Grafana dashboard hosted on one of one of the cardano node relays , is available to browse with http , also the default credentials are very easy to guess . Isnt that a security concern

You should be changing the default credentials immediately. Good point about the http, there should be a way to enforce https.

Please update this post if you do find a way to enforce https

There are guides like this Grafana: How to configure SSL HTTPS in Grafana - turbogeek that might be useful.

thanks, will try this out

It’s a concern if you use HTTP from a public network as someone could easily sniff the password.

Additionally, you could add a server firewall rule to allow incoming connections from a specific IP only.

If you have more free time to spend securing everything, you could have a VPN server running at that IP so when you connect from another place you would connect to that VPN and than access Grafana… or running the VPN server on the internet… (the digital ocean machine costs 5$/month but requires technical skills to configure)

If you go for the VPN approach you may consider using Wireguard. This is an easy way which does not require a dedicated server for it.

Thanks Mcrio will explore this option in future.

Thanks Zwirny - I am not using wireguard for now. But will explore more in future