Tldr: I received a notice from one of the better indexers I have that my api key had been found on the open web. Any suggestions for ways I can better lock it down?
Details:
I'm running sonarr and radarr and these are the only places the indexers api key are used that I can think of. I have a username and password set for remote access, and that's all I know to do to limit access.
I'm using nzb360 to manage those two wherever I happen to be. Again, using a username and password.
I also use sabnzbd and plex, but neither have access to the indexers api.
They locked me down and will permanently block me if it happens again. Which is why I'm reaching out for ideas.
Do I just need to use better passwords, or is there something I'm missing.
Details:
I'm running sonarr and radarr and these are the only places the indexers api key are used that I can think of. I have a username and password set for remote access, and that's all I know to do to limit access.
I'm using nzb360 to manage those two wherever I happen to be. Again, using a username and password.
I also use sabnzbd and plex, but neither have access to the indexers api.
They locked me down and will permanently block me if it happens again. Which is why I'm reaching out for ideas.
Do I just need to use better passwords, or is there something I'm missing.