Ummm.... With basic authentication, my server is open to the world without a password???

Aug 26, 2020
3
0
USA
So I have my server setup on https via a URL so I can view from anywhere. I used to use the "secure session keys and login" option, however I recently unchecked that so I could pass triggers w/ passwords via URL (), which uses basic authentication.
Come to find out, my server has been accessible to the world from myurl.com without any type of authentication! Even tested accessing it from a tor browser outside my home network to confirm!
Why is this, that seems to defeat the whole purpose of authentication!
v 5.3.2.2
 
Welcome LavaTiger99....

hint: See the VPN notes...
 
So you port forward directly to your BI machine? That's bad. When you pass triggers like that is it passing your username and password in the clear as well?

You need a VPN server. You connect to that from outside your network first and then access BI.