Network Security

Hi everyone,

I have tried to find out about this on various forums, posts etc but with no luck.

Is it possible to host a Streamlit app in a way where you have to be logged onto the same network, as the computer, hosting the app, is logged onto? Meaning it is only accessible for people logged onto the same WiFi, thus as long as the network is secure, no one from the outside can get access to the app.

Hi @Prelon -

Yes, this is essentially a firewall and networking question, which is somewhat removed from Streamlit.

When you run Streamlit on your local machine, it gives you an internal localhost IP, as well as an external one. You don’t have to have the external IP accessible to other people (in many cases, residential internet has external access closed by default). But if you happen to be on the same network (say, from other computer on your home wi-fi), you can connect to a Streamlit app.

For example, I have a Mac laptop I frequently demo from (since web conference software is better supported on macOS than Ubuntu), and I gigantic Ubuntu workstation. So I access "http://threadripper:8501 to run on my big machine, but that URL doesn’t mean anything to anyone outside of my network, since it’s a local network reference.

The same principle applies when hosting on cloud instances. You can approve specific IP addresses that have access to the instance via the firewall, or you can set up a VPN that has a way to give users access to a machine without specifically having to list every possible IP address they might have.

So long story short, yes, this is possible and doesn’t necessarily have anything to do with Streamlit itself. You just need to figure out the right solution for your hosting environment.

You can deploy it on a VM on your network, and setup a reverse proxy http connection for people to connect to it. I have had success with nginx using a username and password authentication.

1 Like