Fix “This action is not allowed with this security level configuration” in ComfyUI
ComfyUI is an incredibly powerful and flexible interface for working with Stable Diffusion workflows. But if you’ve spent any time experimenting with custom nodes, APIs, or advanced configurations, you may have run into a frustrating message: “This action is not allowed with this security level configuration.” It can appear suddenly and block you from running workflows, installing nodes, or accessing certain features. Fortunately, this issue is almost always tied to adjustable security settings—and once you understand them, the fix is straightforward.
TLDR: The “This action is not allowed with this security level configuration” error in ComfyUI happens because your current security settings restrict certain actions, such as running scripts, accessing the API, or loading custom nodes. You can fix it by adjusting the security level in your startup configuration or command-line arguments. Always balance convenience with safety, especially if your system is connected to a network. When configured properly, ComfyUI runs smoothly without compromising your machine.
Why This Error Happens in the First Place
ComfyUI includes built-in security controls designed to prevent unsafe or unauthorized actions. These safeguards are especially important when:
- You’re running ComfyUI on a shared network
- You’ve enabled remote access
- You’re using API endpoints
- You’ve installed third-party custom nodes
The platform assigns different security levels to determine what actions are allowed. When a task exceeds the permissions of the current configuration, ComfyUI blocks it—and shows the now-infamous error message.
In simple terms: ComfyUI is protecting your system.
Common Actions That Trigger the Error
While the exact cause can vary, here are the most common triggers:
- Running ComfyUI with remote access enabled without proper flags
- Using custom nodes that execute scripts
- Accessing the API with restricted permissions
- File system access outside approved directories
- Queue manipulation through external requests
If you recently modified your launch settings or added a plugin, that’s likely where the restriction originated.
Understanding ComfyUI Security Levels
ComfyUI allows different security configurations depending on how you launch it. These are typically controlled through command-line arguments or configuration settings.
While the exact options may evolve over time, security settings generally fall into three conceptual categories:
| Security Level | Access Level | Best For |
|---|---|---|
| Strict | Minimal permissions | Public or shared network access |
| Moderate | Limited scripting and API control | Local machines with occasional API use |
| Low or Disabled | Full permissions | Private development setups |
The stricter the security level, the more likely you are to encounter the configuration error when performing advanced tasks.
How to Fix the Error Step by Step
1. Check How You’re Launching ComfyUI
The first place to look is your launch command. Many users start ComfyUI with a simple command such as:
python main.py
But when additional flags are added—especially related to networking—the default security behavior may change.
If you’re using flags like:
- –listen
- –port
- –api
ComfyUI may automatically restrict certain actions to prevent remote exploitation.
2. Adjust Security Flags
Depending on your setup, you may need to explicitly allow higher-permission functionality. For example, enabling full API access or allowing specific node executions.
This often involves modifying your startup command to include appropriate permission settings. Review the official documentation for the exact parameter supported by your current ComfyUI version.
Important: Only lower security settings if you are on a trusted, local machine.
3. Disable Remote Access (If Not Needed)
If you enabled –listen to test something and no longer need remote access, remove it.
Running ComfyUI locally (without exposing it to your network) typically prevents the security-level conflict altogether.
4. Review Custom Nodes
Some custom nodes attempt actions that require elevated permissions, such as:
- Executing Python scripts
- Accessing system files
- Downloading external models automatically
If a specific workflow triggers the error:
- Disable recently installed nodes.
- Restart ComfyUI.
- Re-enable nodes one at a time.
This process quickly reveals whether a third-party extension is responsible.
5. Update ComfyUI
Sometimes the issue isn’t your setup—it’s an outdated version. Security handling evolves over time, and newer versions may refine how permissions are managed.
Before making major configuration changes, always:
- Pull the latest version from the repository
- Check release notes for security-related updates
- Verify compatibility with installed custom nodes
Balancing Functionality and Safety
It’s tempting to lower all security restrictions permanently. After all, fewer barriers mean fewer interruptions.
However, consider the risks:
- Malicious requests if exposed to the internet
- Accidental file modification
- Unauthorized model execution
- System vulnerability through poorly written extensions
If you’re a solo creator running ComfyUI on a personal, offline machine, reduced security is usually safe. But if you’re hosting it for a team or exposing it through port forwarding, stricter controls are essential.
Rule of thumb: Use the lowest security level necessary for your workflow—but no lower.
Advanced Troubleshooting
If adjusting startup flags doesn’t work, consider these deeper checks:
Check Console Logs
The terminal output often contains additional clues. Look for:
- Permission denied messages
- API restriction warnings
- Blocked execution notices
The line immediately before the error usually indicates what was blocked.
Firewall and OS Permissions
Sometimes the issue is external to ComfyUI. Your operating system or firewall may restrict certain behaviors, especially on:
- Corporate laptops
- University machines
- Cloud-hosted environments
Confirm that Python itself has appropriate network and file access permissions.
Virtual Environments
If you installed ComfyUI inside a Python virtual environment, ensure it has proper dependency installation and folder permissions. Misconfigured environments sometimes mimic security errors.
When Running ComfyUI on a Server
Running ComfyUI on a remote server or cloud instance changes the equation entirely. In these setups:
- Never disable security restrictions completely.
- Use authentication layers if available.
- Consider reverse proxies with access control.
- Restrict IP access where possible.
The configuration error may actually be saving you from a serious security issue.
Quick Fix Checklist
If you just want a fast resolution path, follow this order:
- Restart ComfyUI.
- Remove remote access flags if unnecessary.
- Update to the latest version.
- Disable recently installed custom nodes.
- Adjust security configuration to match your intended usage.
In most cases, one of these steps resolves the problem within minutes.
Final Thoughts
“This action is not allowed with this security level configuration” may sound alarming, but it’s rarely catastrophic. It simply means ComfyUI is doing exactly what it was designed to do: protect your system from potentially unsafe operations.
Once you understand how launch flags, remote access, APIs, and custom nodes interact with security settings, the error becomes far less intimidating. Instead of a mysterious roadblock, it becomes a helpful checkpoint reminding you to align permissions with your intended workflow.
Configure wisely, update regularly, and keep security proportional to your environment—and ComfyUI will remain both powerful and safe.
