This project is currently under development and may not be stable. Use at your own risk.
What actions should I take to protect the backend service? First of all, generate a highly unique "API Key". My personal suggestion is to use a password generator that will create a special key.
I would change the default port to something unique. Additionally, I would run it inside a Docker container and restrict access to only a specific IP that should have access to the backend service via a firewall.
This project is licensed under the MIT License - see the LICENSE file for details.