OpenHAB Protection

Hello @all.

After I started to host my own Minecraft server on the Synology DS216play, I wanted to share my server address with all my friends. Now I have one more question because of OpenHAB on Synology.

Is there any opportunity to protect my OpenHAB with a password lock or something else?
I don’t want them to try to use any ports and change my settings when they access the OpenHAB page.

Is it enough when I don’t add the ports to port forwarding? Or can they check it out although they shouldn’t?

Thanks a lot in advance!

Best Regards,
Dominik

http://docs.openhab.org/installation/security.html

Good starting point at http://docs.openhab.org/installation/security.html but that’s wildly dated, especially as it allows known-insecure SSL and TLSv1, and allows known-weak ciphers.

While a reverse proxy can help, if your Minecraft server has a security vulnerability (and we all know how good Microsoft is at finding and resolving security bugs), that puts your openHAB install on the same machine at risk as well. I’d personally buy an ODROID (or RPi, if you favor them) and put your openHAB install on a physically different machine.

You’ll also need to make sure that all HTTP requests are redirected to HTTPS by your reverse proxy, as openHAB doesn’t handle the proxy headers properly. openHAB also doesn’t manage the possibility that it has been reverse proxied to anything but the webserver root (for example, it won’t work if it is at http://www.example.com/openHAB/ instead of at http://www.example.com).
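
A reverse-proxy configuration covering the points raised in the reply above (password protection, HTTP-to-HTTPS redirect, current TLS settings, openHAB at the server root), as an added example that is not from the thread or the openHAB documentation. It assumes nginx as the proxy and openHAB listening on 127.0.0.1:8080; the hostname and file paths are placeholders.

```nginx
# Added example: nginx is assumed as the reverse proxy; hostname, upstream
# address and file paths are placeholders, not values from the thread.

# Port 80 proxies nothing: every plain-HTTP request is redirected to HTTPS.
server {
    listen 80;
    server_name openhab.example.com;
    return 301 https://openhab.example.com$request_uri;
}

server {
    listen 443 ssl;
    server_name openhab.example.com;

    ssl_certificate     /etc/nginx/ssl/openhab.example.com.crt;  # placeholder
    ssl_certificate_key /etc/nginx/ssl/openhab.example.com.key;  # placeholder

    # Weak settings of the kind criticised above (shown for contrast only):
    #   ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    #   ssl_ciphers   HIGH:MEDIUM:RC4-SHA:DES-CBC3-SHA;
    # Corrected: TLS 1.2 and 1.3 only, AEAD suites with forward secrecy.
    # TLSv1.3 needs nginx 1.13.0+ built against OpenSSL 1.1.1 or later.
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers   ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
    ssl_prefer_server_ciphers on;

    # openHAB is proxied at the server root, not under a sub-path such as
    # /openHAB/, because it does not cope with being moved off the root.
    location / {
        # Password prompt in front of every openHAB page and API call.
        auth_basic           "openHAB";
        auth_basic_user_file /etc/nginx/.htpasswd;               # placeholder

        proxy_pass http://127.0.0.1:8080/;
        proxy_set_header Host              $http_host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

Running `nginx -t` after editing checks the syntax before the configuration is reloaded.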

Thanks for your replies!
Because I want to run my Minecraft server on the Synology, I bought a Raspberry Pi 3 Model B today.

I will install my openHAB on the Raspberry Pi because I think it would run better than on the DS216play.
Hopefully…

Best Regards,
Dome