Domoticz

Ather the last beta update i get al these conections in my status log.
Can you explane why ??

See attachment

Oh, you have many connection requests from unknown. Maybe you have to configure a firewall in the domoticz machine to enable only IP networks of your choice.

Aha ofcourse that could be the issue
I wil reconfig my firewall settings and see what it does

NvBgm wrote: ↑Friday 14 March 2025 14:00 Aha ofcourse that could be the issue
I wil reconfig my firewall settings and see what it does

You may also see wiki, as there is some fail2ban configurations to handle such domoticz traces to dynamically ban (for some time) the IP addresses responsible for too many connect attempts.

Better not expose your domo to the web.
If you need to access your domo instance from outdoors, use a VPN.
Most modem/routers support vpn server, if yours does not, get one that does.

azonneveld wrote: ↑Friday 14 March 2025 22:37 Better not expose your domo to the web.
If you need to access your domo instance from outdoors, use a VPN.
Most modem/routers support vpn server, if yours does not, get one that does.

Agreed. Do not expose.

If you're running domoticz on RPI you could choose PiVPN, a secure way to get access to your RPI from outside.
You might also ask yourself why you should use beta.

Oke thank you foor al the info.
I think go looking for a vpn server.
I don't no why we use the beta version maby can we go back to the final relaese..
I hoop i can stil read my setting in it.
Thanks

It is just an extra logging entry, so you had this already in your old environment but you did not see it...
So it is a good thing you are looking at your security setup because of this logging.

As mentioned, don't use default ports like 80/443 and expose these on the internet.

In your router forward a strange port like 3562 to port 443 of Domoticz, or even better, don't expose it on the internet and use something like Wireguard to access your internal systems from outside

gizmocuz wrote: ↑Tuesday 18 March 2025 8:59 In your router forward a strange port like 3562 to port 443 of Domoticz,

Strange ports are just a security illusion: Shodan

Yep, but 80% of the script kiddies will not scan all these ports.

That's why I can recommend Wireguard to make a VPN to your home and don't put stuff on the internet that should not be there

Some networks may block non standard ports use... So on my side I always kept default 443 open to the outside: HTTPS is much less attacked than SSH for instance, simply because that's much more valuable asset to get in! As is a VPN, because if someone managed to exploit it that's all your LAN that is exposed without needing to break several other doors than just breaking in a https server.
Currently, for corporate use, the VPNs are replaced by other solutions that check/segregate/tunnel if needed traffic in a fine tuned way to avoid this VPN "unique door to all intranet" downside. See zscaler & similar stuff...

So HTTPS open with some active measures using fail2ban are still OK nowadays. Just don't use long ban time, it's useless & will fill FW with too many rules & may even be offer DoS possibilities. Offending IPs will change quickly anyway when banned so 5 or 10 mn ban is more than enough & rules list will remain low.