I am now actually so far with my NS 8 installation that I can send my beloved NS 7 into well-deserved retirement.
However, it is giving me a headache that the administration page of NS 8 is also accessible via the Internet when I open port 80 or 443. With NS 7, access was regulated via port 980 or port 9090 (Cockpit). Is there a similar option for NS 8 without having to make major changes to the existing infrastructure?
I did this also with several .yml files, e.g. in mariadb1.yml to restrict access to /phpmyadmin.
It works. Thanks for that.
Is this surviving updates ?
Apparently the last core update overwrites the _api_server.yml file again. You simply have to reset the entry - MwTrustedNetworks. Unattractive, but doable.
after the current core update, the settings in _api_server.yml file are no longer overwritten. It is no longer necessary to make a subsequent correction.