Should we use basic authentication when we enable live link?


I don’t think we should setup basic authentication when we enable live link, because the URL is changed and random text is generated every time. but my co-worker believe it is necessary and forces me to do so.

Or is there any danger exposing the url without any access limitation? if so, is there any option on the control panel of local by flywheel?(Maybe not.) If not, please tell me the explanation which make my co-worker might understand.

By the way, we only expose the live link URL in our company, never show it to people outside.


Hi @kame,

I can’t argue one way or the other regarding the security but the way it works now is simply security through obscurity.

With that said, we plan on overhauling Live Links in an upcoming version and we’ll add support for permanent Live Link domains with basic auth support in Local Pro. :slight_smile:

Hi @clay, thanks a lot for replying.

OK, you are preparing live link domains with basic auth in Pro version.
it means it must be “better” providing the URL with some access limitation, right?
you shouldn’t mention it here clearly (I understand it), but it seems be better to use basic auth when we provide website in local environment to outside. I should follow the instruction of the co-worker.

Do you think my understanding is OK?

anyways, local by flywheel is great.