I am working on an Angular application which evolves around MQTT for communication. The idea is that the web app is kind of a live dashboard of all clients connected and sending data, the clients will be Android Apps primarily.
For the Angular app I am using 'ngx-mqtt' (https://www.npmjs.com/package/ngx-mqtt) and I have setup a debian server and configured ufw rules for mosquitto and set mosquitto config to this:
listener 9001 0.0.0.0
protocol websockets
I am developing this in my freetime, but I would like to make this as secure as possible, so I wonder if there is room for improvement.