How to secure your Portainer installation

Creating the first administrator user

1. The first thing you need to do when accessing Portainer for the first time is set up your primary admin user.
   

1. It's good practice not to use the default admin as a username - you can set it to anything you like.
2. Make sure to use a secure password that has a combination of letters, numbers and characters.

Enabling HTTPS access to Portainer

1. Under Settings scroll down until you are on the SSL Certificate section:
   
   

1. Enable the Force HTTPS only option and click on Apply changes:
   
   

1. Portainer now will only be available on port 9443 with https.
   Let's say for example the ip address of your Portainer instace is 192.168.10.50, you will now have access via the following address: https://192.168.10.50:9443
2. You can upload your own certificates if you so prefer via the Settings->SSL Certificate section.

Access Portainer via a VPN using Wireguard

If you want to avid exposing your Portainer instance on the Internet, we suggest you check our blog post that shows how to use an end-to-end connection with Wireguard here: https://www.portainer.io/blog/how-to-run-portainer-behind-a-wireguard-vpn