MQTT Protect

[lori72]

Hi, I managed to connect domoticz with mosquitto to turn the lights on and off, but I don't understand if there is a way to protect my domoticz from requests from other users, let me explain: if my domoticz accepts the commands in the domoticz / in how can I protect him that only I can send him commands? if another user logs into my browser and sends the commands in domoticz / in she could send me commands that I do not want, thanks

[thomasbaetge]

hmm...normally the MQTT endpoints are not protected, that applies to Domoticz as well as the physical devices you may be using.
however, it is always a good practice, to protect your MQTT broker (presumably Mosquitto) with a user/pw combination.
I would also recommend, to use your very own Broker within your network and by no means some some free internet based one. Setup and config is easy enough to do so.

It's not, that domoticz would accept MQTT messages from any random broker, but just from the registered MQTT Broker (configured in the hardware tab).
Messages from other brokers, even within your network, will simply be ignored (I actually tested that when I migrated my broker from RPI to Docker on Synology and ran 2 Brokers at the same time in my network for a while)

Other than that, make sure you do your due dilligence and take care of your network protection. if that is not okay, the MQTT messages will be the very least of your problems.