Why did this restriction appear after a ComfyUI Manager update?

ComfyUI Manager 2.x added security levels in response to incidents where public ComfyUI deployments were exploited via the Manager interface to run arbitrary code. New installations default to "normal" for safety. If you updated Manager and suddenly cannot install nodes, your security level was changed to the new default. Changing it back to "normal-" for local use is the intended workflow.

Is it safe to set security_level to "weak"?

On a local machine that is not accessible from the internet, yes. On any machine with a publicly accessible port, no. "Weak" removes all origin checks on Manager API calls, meaning anyone who can reach your ComfyUI URL can trigger node installations and code execution. Assess your network exposure before using "weak".

The Manager settings panel itself shows "action not allowed" - how do I change the security level?

This happens when "normal" security blocks the settings panel API call. The fix is to edit config.ini directly: find it at ComfyUI/custom_nodes/ComfyUI-Manager/config.ini, change security_level = normal to security_level = normal-, save the file, and restart ComfyUI. The file is plain text - any text editor works.

Does the security level affect workflow execution or just node management?

Only node management. Workflow execution (running generations, using installed nodes, accessing the /prompt API) is unaffected by all security levels. You can run any workflow that uses already-installed nodes regardless of the security setting. Only the Manager-specific actions (install, update, restart) are gated by the security level.

I set security_level to normal- but still see the error after restart. What is wrong?

Three common causes: (1) You edited the wrong config.ini - there may be multiple ComfyUI Manager installations or forks. Verify with find . -name config.ini -path "*Manager*". (2) You did a browser refresh instead of restarting the ComfyUI Python process. The config is loaded at startup, not on each reload. (3) The environment variable COMFYUI_MANAGER_SECURITY_LEVEL is set to "normal" somewhere and overrides config.ini. Check with: echo $COMFYUI_MANAGER_SECURITY_LEVEL.

Can I install nodes without ComfyUI Manager at all?

Yes. ComfyUI Manager is a convenience layer. Any custom node can be installed by cloning its git repository into ComfyUI/custom_nodes/ and installing its requirements with pip install -r requirements.txt. ComfyUI scans the custom_nodes directory at startup and loads any Python package it finds there. Manager simply automates this process.

Does changing the security level affect automatic updates?

"Normal" blocks both manual installs and automatic updates. Switching to "normal-" or "weak" re-enables the auto-update functionality. If you run a production deployment and need to prevent unintended updates, keep "normal" and handle updates manually via git pull in the custom node directory followed by a ComfyUI restart.

Is there a way to allow specific nodes to install while keeping others blocked?

Not in the current Manager implementation. Security level is a global setting, not a per-node allowlist. If you need this level of control, install nodes manually via CLI (bypasses Manager entirely) and keep Manager on "normal" security to block unsupervised installs from the UI. This is the recommended pattern for production deployments.

ComfyUI Manager: 'This Action Is Not Allowed' (Fix)

"This action is not allowed" in ComfyUI Manager blocks custom node installation, updates, and model downloads. This error was introduced in ComfyUI Manager 2.x as a security hardening measure after public deployments were exploited to run arbitrary code via the Manager web interface. Understanding the three security levels and when each is appropriate lets you choose the right fix for your environment.

Why the Restriction Exists

ComfyUI Manager can install arbitrary Python packages and execute shell commands during custom node installation. On a local machine behind a firewall, this is acceptable. On a server exposed to the internet, it is a critical vulnerability: any visitor who can reach the Manager interface can install malicious nodes that execute code on your server.

The restriction protects you in shared or cloud deployments. Before disabling it, assess your deployment: is port 8188 accessible to anyone other than you? If yes, lowering the security level is a serious risk. If no (local machine, VPN-only access, or nginx auth in front), the restriction is safe to relax.

ComfyUI Manager security levels - May 2026

Level	Install nodes	Update nodes	Install models	Use case
normal	No	No	No	Public-facing deployments
normal-	Yes (local only)	Yes	Yes	Local use, default for new installs
weak	Yes	Yes	Yes	Local machine, unrestricted

Fix 1: Change Security Level in Manager Settings

The fastest fix for local installations. Open ComfyUI Manager (click "Manager" button in the ComfyUI sidebar), go to "Settings Manager", and change the "Security level" dropdown from "normal" to "normal-" or "weak".

"normal-" is the recommended setting for local development: it allows node installation but only from localhost connections. This means if someone accesses your ComfyUI remotely but you have not opened the firewall, they still cannot trigger installations. For a local machine where you access ComfyUI from the same device, "normal-" is the right balance.

"weak" removes all connection-origin checks. Use this only if you need to install nodes from a remote session on a fully private network (VPN, private LAN with no internet exposure).

Fix 2: Edit config.ini Directly

If the Manager UI itself is blocked (some "normal" configurations block the settings panel too), edit the config file directly.

$find-config.sh

# Find the Manager config file
find . -name "config.ini" -path "*/ComfyUI-Manager/*"
# Usually at: ComfyUI/custom_nodes/ComfyUI-Manager/config.ini

# Edit the security level
# Change: security_level = normal
# To:     security_level = normal-

$config.ini

[default]
security_level = normal-
enable_manager = true
skip_startup_screen = false

After editing config.ini, restart ComfyUI completely (stop the process and start it again - a browser refresh is not sufficient). The Manager reads config.ini at startup, not on each request.

2.x

ComfyUI Manager version that introduced the security level system and the "action not allowed" error

workflow/lab, May 2026

Fix 3: CLI Flags at Startup

For Docker deployments or automated environments where editing a config file is inconvenient, ComfyUI Manager respects an environment variable and a CLI argument for security level.

$startup-with-security.sh

# Method A: Environment variable (set before starting ComfyUI)
export COMFYUI_MANAGER_SECURITY_LEVEL=normal-
python main.py --listen

# Method B: Pass directly in the startup command
# (check your ComfyUI Manager version - this flag was added in 2.3+)
python main.py --listen --manager-security-level=normal-

For Docker Compose, add the environment variable to your service definition:

$docker-compose.yml

services:
  comfyui:
    build: .
    environment:
      - COMFYUI_MANAGER_SECURITY_LEVEL=normal-
    ports:
      - "8188:8188"

Understanding What Each Level Blocks

The "normal" level specifically blocks: install custom nodes, update custom nodes, install missing nodes, restart ComfyUI from the Manager UI, and install models via the model manager. It does not block: running existing workflows, using already-installed nodes, or accessing the ComfyUI API.

This is why you can still run generations with "normal" security but cannot add new nodes. The restriction targets the code execution pathways (package installs, git clones, pip runs), not the inference pathway.

The Safe Alternative: Install Nodes via CLI

If you are on a public-facing deployment and cannot safely lower security, install nodes manually from the command line. This bypasses Manager entirely and does not require changing security settings:

$manual-node-install.sh

# SSH into your server and install nodes manually
cd ComfyUI/custom_nodes/

# Install a custom node by cloning its repository
git clone https://github.com/author/custom-node-repo.git

# Install its Python dependencies
cd custom-node-repo
pip install -r requirements.txt

# Restart ComfyUI
# (CTRL+C the running process, then restart)

This is the approach used in production deployments: nodes are installed during the Docker build process or as part of an infrastructure-as-code setup, not via the Manager UI. The Manager UI is a convenience for local development, not a production management tool.

Verifying the Fix Worked

After changing the security level and restarting, the Manager button in the ComfyUI sidebar should respond to "Install Custom Nodes" without the "action not allowed" error. You can also verify the active security level by checking the Manager settings panel - the current level is displayed in the Security Level field.

$verify-fix.sh

# Check Manager config to confirm security level
grep -i security ComfyUI/custom_nodes/ComfyUI-Manager/config.ini

# Expected output after fix:
# security_level = normal-

Security Recommendations by Deployment Type

Local machine (you are the only user, not exposed to internet): "weak" is fine. You control who can access the machine.
Local machine accessed from multiple devices on your home network: "normal-" is recommended. Prevents remote access installs while allowing local installs.
Cloud VM or VPS with ComfyUI behind nginx auth: "normal-" is acceptable if your nginx authentication is configured correctly. Install nodes from the CLI during setup rather than via Manager.
Public-facing deployment (any user can reach the ComfyUI interface): keep "normal". Install nodes manually via CLI only. Never expose Manager to untrusted users.