Login via HTTP on local network

Let’s say I self-host something like wefwef (Lemmy front end) locally, so I can see it on localhost:port on the machine where it’s running with Docker, and also on my other devices on my same local network by accessing 192.168.something.something:port

Now, if I were to input my login credentials on that (so without HTTPS), how dangerous is this?

vegetaaaaaaa,
@vegetaaaaaaa@lemmy.world avatar

Your LAN router/switch will see the credentials unencrypted. An untrusted device on your network could perform ARP spoofing, pretend to be 192.168.something.something, and intercept the credentials. Do you trust all devices on your network?

It’s better practice (and simple enough) to setup HTTPS with self-signed certificates and have the browsers manually accept the cert on first connection.

ndr,

I do trust the devices on my network but I guess I’ll probably look into how to setup HTTPS.

peregus,

IMHO, HTTPS is not necessary in a small home network.

peregus,

IMHO, HTTPS is not necessary in a small home network.

peregus,

IMHO, HTTPS is not necessary in a small home network.

peregus,

IMHO, HTTPS is not necessary in a small home network.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • wartaberita
  • uselessserver093
  • Food
  • aaaaaaacccccccce
  • [email protected]
  • test
  • CafeMeta
  • testmag
  • MUD
  • RhythmGameZone
  • RSS
  • dabs
  • TheResearchGuardian
  • Ask_kbincafe
  • KbinCafe
  • Testmaggi
  • Socialism
  • feritale
  • oklahoma
  • SuperSentai
  • KamenRider
  • All magazines
    •