Hi Rich and THX a lot.
I have now installed a Apache ReverseProxy based on following tutorial (i switched to openhab2):
But I only did the https-Konfig und therefore opened Port 443 to Raspberry.
I tried using myopenhab, but the connection is very (very) slow then.
With habdroid i use my dynDNS URL with the logindata from the tutorial above.
Sometimes i also use Chrome. Therfore i saved a favorite, which also transports the login infos within the URL (just to be faster).
I also installed fail2ban…but just made following changes to the config:
jail.local file → bantime 86400 (= 1 day)…nothing else so 3 retries a allowed.
I didnt open Port 22 on my router (but 80 for the website/phpmyadmin and 3306 for mysql is forwarded)
But this 2 Ports get closed again in summer 2017 after scool is over.
Its a good idea using seperate RPIs, but because after scool i dont use Ports 820 and 3306 anymore i want to wait and then 1 RPI should be enough.
I hope this config is a little bit better than before.
Oh i forgot…i also opened port 1194 for a vpn connection…but there are keys and certs and so on which onliy i have…i hope thats secure.