Thanks to visit codestin.com
Credit goes to github.com

Skip to content

specify security concerns and actions to mitigate them. #5944

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 3 commits into from
Closed

specify security concerns and actions to mitigate them. #5944

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
05ec6be
specify security concerns and actions to mitigate them.
finity69x2 Aug 3, 2018
057f570
Update securing.markdown
finity69x2 Aug 4, 2018
eafc8eb
Update securing.markdown
finity69x2 Aug 13, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 6 additions & 6 deletions source/_docs/configuration/securing.markdown
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,16 +20,16 @@ One major advantage of Home Assistant is that it's not dependent on cloud servic
- Don't run Home Assistant as root – consider the Principle of Least Privilege.
- Keep your [secrets](/topics/secrets/) safe.

If you want to allow remote access, consider these additional points:
If you want to allow remote access, consider taking the additional steps as listed below. They are generally listed with the more secure options first. <b>It is highly recommended that if you are going to be opening your Home Assistant (hence, the control of your home) to the outside world and you don't need remote access to the API (for example, for a device tracker) that you should secure it using one of the first three options</b>:

- Protect your communication with [TLS/SSL](/docs/ecosystem/certificates/lets_encrypt/).
- Enable IP Filtering and configure a low [Login Attempts Threshold](/components/http/)
- Protect your communication with [Tor](/cookbook/tor_configuration/).
- Protect your communication with a [self-signed certificate](/cookbook/tls_self_signed_certificate/).
- Use a [proxy](/cookbook/apache_configuration/).
- Set up a VPN
- Use a [SSH tunnel](/blog/2017/11/02/secure-shell-tunnel/) to connect to your frontend.
- Protect your communication with [TLS/SSL](/docs/ecosystem/certificates/lets_encrypt/).
- Protect your communication with a [self-signed certificate](/cookbook/tls_self_signed_certificate/).
- Use a [proxy](/cookbook/apache_configuration/).
- Enable IP Filtering and configure a low [Login Attempts Threshold](/components/http/)

<p class='note warning'>
If you've forwarded any ports to your Home Assistant system from the Internet then it *will* be found by others. Whether through services like Shodan, or direct port scanning, all systems on the Internet are routinely probed for accessible services. If you fail to set a password then it is simply a matter of time before somebody finds your system - potentially as little as a few hours.
If you've forwarded any ports to your Home Assistant system from the Internet then it *will* be found by others. Whether through services like Shodan, or direct port scanning, all systems on the Internet are routinely probed for accessible services. If you fail to set a password then it is simply a matter of time before somebody finds your system - potentially as little as a few hours. Setting a password should be considered the bare minimum security precaution and, as such, shouldn't be relied upon as the sole security action taken to protect your home from outside hackers. <b>Passwords can be broken!</b>
</p>