Replies: 1 comment 2 replies
-
|
you can "whitelist" useragent containing "Home Assistant/" in {
"name": "HAss",
"user_agent_regex": "Home Assistant/",
"action": "ALLOW"
},Also, i really wanna try to set Anubis on my HAss, but everytime i tried, i got an Anubis error (may be related to wss?). |
Beta Was this translation helpful? Give feedback.
-
|
Hi, that's what I was thinking but it feels like a little bit too weak as a mechanism given that any bot could fake it. |
Beta Was this translation helpful? Give feedback.
-
|
I don't really have a better suggestion other than allowlisting your IP address or using split horizon DNS such that your home assistant pierces anubis at the routing level. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Hello,
I'm running the stock policies behind nginx proxy manager plus. I'm exposing my home assistant service which is accessible via its domain name and when I use a browser such as Chrome or Firefox I can see Anubis doing its work (as well as in the logs).
The issue is that unfortunately the companion app of Home Assistant is a web-view with a user-agent which includes "Home Assistant" text but also Chrome and Firefox and hence issuing the challenge, here is the log
What would be the best solution (both technically and secure) to avoid the challenge here? Is the test on the user agent the solution? Isn't that fragile?
Beta Was this translation helpful? Give feedback.
All reactions