Hello,
Small suggestion after one of my childs managed to bypass a protected switch (at home/from LAN, so default admin user): He did not change current (not visible from the interface) password in configuration, I would have soon noticed, but was just setting a schedule to set required state a few minutes ahead... and erasing this schedule after state change!
=> Would be nice, for protected switches, to have schedule button need the password (currently, only direct state change needs it).
Of course, that's not bulletproof & I could already enforce admin password even for LAN access but this would be a bit cumbersome.
Another option may be to be able to have a simple user (or even spectator) being default without password on LAN instead of admin but I could not find a way to do this & may be a bit more complex change (as this should allow re-login to admin from the interface for configuration stuff, even if admin:passwd in URL may also do the job).
So I think needing protected switch password to access schedules may be a good compromise to avoid child's not already digging too much into the system being able to remove a wifi AP disable switch schedule or add one to be able to use internet from their bedrooms at night!
Protected switches
Moderators: leecollings, remb0
- waltervl
- Posts: 5148
- Joined: Monday 28 January 2019 18:48
- Target OS: Linux
- Domoticz version: 2024.7
- Location: NL
- Contact:
Re: Protected switches
You can also allow your own devices (IP's) to the trusted network setting and not allowing your child device to allow without login.
Domoticz running on Udoo X86 (on Ubuntu)
Devices/plugins: ZigbeeforDomoticz (with Xiaomi, Ikea, Tuya devices), Nefit Easy, Midea Airco, Omnik Solar, Goodwe Solar
Devices/plugins: ZigbeeforDomoticz (with Xiaomi, Ikea, Tuya devices), Nefit Easy, Midea Airco, Omnik Solar, Goodwe Solar
-
- Posts: 616
- Joined: Thursday 10 November 2016 9:30
- Target OS: Raspberry Pi / ODroid
- Domoticz version:
- Contact:
Re: Protected switches
Yes, I already think about this also. But smartphones use DHCP and may get any addr in range for me & my wife (and well, WAF must be considered!). My son is a bit tricky and already managed to hide an ethernet plug (still have a few areas that were not easy to wire in my home) to be able to restore wifi access (he uses from his bed, ready to hide the laptop if we move!), an old forgotten phone with no more sim inside that'll get an unrestricted IP to disable a schedule before it triggers... even an eBook reader with a wifi, even if not very confortable to use. Sometimes, I really think about using handcuffsf!
But if that's no easy deal, forget it! That's my corner case must admit.
- waltervl
- Posts: 5148
- Joined: Monday 28 January 2019 18:48
- Target OS: Linux
- Domoticz version: 2024.7
- Location: NL
- Contact:
Re: Protected switches
You should only give your wife's phone and your phone a fixed IP and enter the server IP, yours and your wife's IP in the trusted network setting. All the rest of the devices will have to login...
Domoticz running on Udoo X86 (on Ubuntu)
Devices/plugins: ZigbeeforDomoticz (with Xiaomi, Ikea, Tuya devices), Nefit Easy, Midea Airco, Omnik Solar, Goodwe Solar
Devices/plugins: ZigbeeforDomoticz (with Xiaomi, Ikea, Tuya devices), Nefit Easy, Midea Airco, Omnik Solar, Goodwe Solar
Who is online
Users browsing this forum: No registered users and 1 guest