Why is it recommended to use basic auth (either through Apache2 or NGINX)?

Doesn't homarr come with a login screen already? What is the purpose of the basic auth? I know it says to keep API keys safe, but if no one knows my homarr login, they can't view my API keys right?
4 Replies
Cakey Bot
Cakey Bot2mo ago
Thank you for submitting a support request. Depending on the volume of requests, our team should get in contact with you shortly.
⚠️ Please include the following details in your post or we may reject your request without further comment: - Log (See https://homarr.dev/docs/community/faq#how-do-i-open-the-console--log) - Operating system (Unraid, TrueNAS, Ubuntu, ...) - Exact Homarr version (eg. 0.15.0, not latest) - Configuration (eg. docker-compose, screenshot or similar. Use ``your-text`` to format) - Other relevant information (eg. your devices, your browser, ...)
❓ Frequently Asked Questions | Homarr documentation
Can I install Homarr on a Raspberry Pi?
beanbeanjuice
beanbeanjuiceOP2mo ago
I guess logs aren't really quired for this question
Serenaphic
Serenaphic2mo ago
Because we are not specialized in security. Therefore it would be best to use a proxy that is specialized. It could be considered sufficient, but homarr having access to almost all you apps through API's, we still in good conscience recommend a better system than what we can provide + having a centralised login system to protect all your apps is better for end users
beanbeanjuice
beanbeanjuiceOP2mo ago
I see, thank you so much for the clarification!
Want results from more Discord servers?
Add your server