Actuating Relays via http: Security implications?

Moderators: grovkillen, Stuntteam, TD-er

Post Reply
Message
Author
JR01
Normal user
Posts: 260
Joined: 14 Feb 2016, 21:04
Location: South Africa

Actuating Relays via http: Security implications?

#1 Post by JR01 » 24 Apr 2016, 10:02

Hi, I am making progress with adding more functionality to my ESP network + MQTT + Node-Red + Thingspeak. I love ESPEasy, working with these! Thank you all for the great work! My current project's purpose is to read temp of the Geyser, read the Amps in warming the water, and to do intelligent on/off switching of the geyser.

Last night I got a 100Amp relay working for the first time on a new ESP12F with R103 (have problems with R103 web interface, very slow and intermittent though, but aside that...). It is awesome, to use the command on HTTP, (I have seen some discussions on using MQTT as well, will still research this as well) as published: http://<ESP IP address>/control?cmd=GPIO,<pin>,1. But, I am a bit concerned with the security for actuating a relay, if I understand how it works correctly.

My QUESTION: To control the ESP with its HTTP interface, I can give it a password, but to actuate a relay I do not have to. Is their any way in which relay actuation can have improved security features?

I am concerned to have such important tasks as switching on/off a geyser on my wireless network without security. (And yes, I realise an intruder will first have to breach my wireless networks WPA key...)
-----------
IOTPLAY. Tinkerer, my projects are @ http://GitHub.com/IoTPlay, and blog https://iotplay.org. Using RPi, Node-Red, ESP8266 to prove Industry 4.0 concepts.

timsson
Normal user
Posts: 77
Joined: 25 Mar 2016, 22:00

Re: Actuating Relays via http: Security implications?

#2 Post by timsson » 25 Oct 2016, 20:59

Hello,
do you find a way to switch your gpio from a protected easyesp?

Code: Select all

http://  admin:admin@ <ESP IP address>/control?cmd=GPIO,<pin>,1. 
dont work
Thanks

Post Reply

Who is online

Users browsing this forum: Semrush [Bot] and 33 guests