You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I expose my Home Assistant via cloudflared. If you don't know what that is, read about it and come back here. It's pretty sweet. Essentially you can open up a service and use cloudflare to limit access, without having to expose your home IP or open any ports. Great. It also makes the connection HTTPS (even if HA is only running as HTTP).
The firewall happens to be extremely useful and robust. For example, I can make it so exact that if the client trying to access my config doesn't have a very specific cooke set, then they will get a 403 error, as below:
The Request
I would like to see a setting within the Mobile App that allows the user to define a specific cookie that gets shared on each connection, exactly for this purpose. It would work like a pre-shared key, one extra step towards securing the server from outside access.
The setting would be: Cookie name: ____randomkey12324381_____. Cookie data: _____supersecretpasssssssword131938123______
Simple as that. Anything that connects to the cloudflared instance pointing to my HA server that doesn't have this set, gets automatically denied.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
I expose my Home Assistant via
cloudflared. If you don't know what that is, read about it and come back here. It's pretty sweet. Essentially you can open up a service and use cloudflare to limit access, without having to expose your home IP or open any ports. Great. It also makes the connection HTTPS (even if HA is only running as HTTP).The firewall happens to be extremely useful and robust. For example, I can make it so exact that if the client trying to access my config doesn't have a very specific cooke set, then they will get a 403 error, as below:
The Request
I would like to see a setting within the Mobile App that allows the user to define a specific cookie that gets shared on each connection, exactly for this purpose. It would work like a pre-shared key, one extra step towards securing the server from outside access.
The setting would be:
Cookie name: ____randomkey12324381_____. Cookie data: _____supersecretpasssssssword131938123______Simple as that. Anything that connects to the cloudflared instance pointing to my HA server that doesn't have this set, gets automatically denied.
Beta Was this translation helpful? Give feedback.
All reactions