Exposure to the public: 2-FA for access and logoff

This post was last updated 249 days ago, and the information may have changed since then.

Is self-hosted SiYuan currently safe enough for exposure to the public (https), or should it be used in an internal environment (e.g. only locally or through VPN access)?

Is there a way to enable 2FA in addition to the workspace password for access?

How can I lock the workspace access (let's say I am using a public computer)? I am missing a logoff/logout button.

Thank you in advance! 👍

    profjlo updated this article at 2024-04-16 01:35:04
    profjlo updated this article at 2024-04-15 22:13:41
    profjlo updated this article at 2024-04-15 19:15:50

    • zxhd86

      You're using it the right way, just operating the browser correctly is enough to remove the personal content part.

      As for 2FA, I think it's unlikely ...... This is mainly because it's not a priority concern for the developers. Because they don't monetize by selling self-hosted qualifications, self-hosted features are more like leveraging existing modules and a generous free lunch of sorts. So developers don't focus their development on it, but rather on improving the client user experience. Of course, anyone who wants to contribute code to provide this functionality, I think the developers are quite welcome. Because as we all know, SiYuan is an open source software :)

    • zxhd86 1

      When the IP address is exposed, it's not secure enough. You need to use a reverse proxy to hide the real IP and port.

      There is no 2FA feature available.

      It cannot be locked, and it is strongly advised against doing so. Downloading and using the Siyuan client on a public computer will result in downloading and decrypting all your note content onto that public computer. Please use a mobile device and enable local server functionality to meet this requirement.

    • profjlo
      PRO Author

      Thank you for the reply! I wouldn't want to download the client to the public computer, but rather access self-hosted SiYuan using a domain (e.g. https://www.domain.com). I guess in this case my personal content is saved to the public computer's browser cache, but could be deleted using privacy mode.

      Are security features like 2FA planned for the future?
