Building an Application.

Jackal46

Senior Member
Joined
Feb 10, 2024
Messages
908
Reaction score
964
Since I got retrenched I have gotten into doing a lot of odd jobs. I also service cars and is earning enough to call it a fulltime job. As long as Toyota keeps on building shitty cars I am golden.

That said I am working on a home atomization project and got things to start working. Thing is the client aka brother in law wants to control his home outside of his home network. Easy enough I thought, turns out it is not that easy.

I did some research and was told Port forwarding is the way to go. I am not pretending I understand half of this stuff.

Is port forwarding safe?
How do I know if router can do port forwarding?

There is also the problem of it not being a static IP. I can build the app to automatically update the IP while on the home network that is easy enough. But what do you guys think.

What possible ****ups are there in this situation. I am just worried the man gets hacked and blame it on me.
 
There is also the problem of it not being a static IP
Hold it right there, that is where your lack of knowledge begins.
This is why many devices and stuff connect to backends in the cloud. That way the backends/servers/cloud BS knows where the device is and can do a reverse connection i.e. similar to reverse-SSH without having the customer requiring a static IP, or even a port forward.
 
Hold it right there, that is where your lack of knowledge begins.
This is why many devices and stuff connect to backends in the cloud. That way the backends/servers/cloud BS knows where the device is and can do a reverse connection i.e. similar to reverse-SSH without having the customer requiring a static IP, or even a port forward.
That sounds like money. I don't care if he has to pay later on. Is there a free service I can use to build and test this stuff they say aws is free but they want credit card info and that just pisses off because that doesn't sound right to me
 
That sounds like money. I don't care if he has to pay later on. Is there a free service I can use to build and test this stuff they say aws is free but they want credit card info and that just pisses off because that doesn't sound right to me
If you're with fnb just sign up with a virtual card and then delete the card.
 
so what is the magic about vpns? i was told that i can link devices over the net with vpns never heard of that before a couple of days ago?
 
That sounds like money. I don't care if he has to pay later on. Is there a free service I can use to build and test this stuff they say aws is free but they want credit card info and that just pisses off because that doesn't sound right to me
AWS has some services that offer a limited free tier.. Some services have a perpetual free tier, others limited to the first year..

Provided you stay within the limits of the free tier offering, it will be free..

The addition of the credit card is mostly part of account verification, to limit hackers and spammers from spinning up resources for nefarious purposes..
 
To provide access to a home automation system on a home network, from any remote location, to an individual or limited group, port forwarding is not a very secure option. It exposes the services unnecessarily to bad actors who can discover it automatically, poke at it at will and exploit any vulnerability they find.

Better solutions for this use case are:
  • A remote proxy service such as Cloudflare Tunnels, NGrok, Zrok or Tailscale Funnels (Make sure you require authentication, don't publish to the whole internet.)
  • A Mesh/Overlay VPN such as Tailscale or Netbird
All of the above either have free tiers and/or can be cloud hosted. Punch out of your network so they don't expose an attack surface in that way and no static IP required. You can have authentication before connection so no bad people can poke at it.
 
I was thinking OpenVPN but I doubt they want to have all that software installed on their home server and phone. Then I was thinking web interface but now we are on server stuff and I don't know enough about that stuff to even get started.

since is going to handle very little load. will something like this work. VPS Hosting South Africa

1728591888083.png

R600 a year is a lot better then worrying about Mister Bezo$ telling me I went over some ****ing limit that only they know about.
 
I was thinking OpenVPN but I doubt they want to have all that software installed on their home server and phone. Then I was thinking web interface but now we are on server stuff and I don't know enough about that stuff to even get started.

since is going to handle very little load. will something like this work. VPS Hosting South Africa

View attachment 1763758

R600 a year is a lot better then worrying about Mister Bezo$ telling me I went over some ****ing limit that only they know about.
OpenVPN or Wireguard would be more secure than a port forward. But the other options I mentioned above expose less of an attack surface.

I'm not sure why you need to VPS though if you are trying to connect to a server on their home network. Maybe I've misunderstood what you are trying to do.
 
OpenVPN or Wireguard would be more secure than a port forward. But the other options I mentioned above expose less of an attack surface.

I'm not sure why you need to VPS though if you are trying to connect to a server on their home network. Maybe I've misunderstood what you are trying to do.
No you did not misunderstood anything. I just want to experiment with other stuff as well. I have a bakkie and a quantum staring at me. Both due for engine replacement. I will get back to you when they are done.
 
Last edited:
To provide access to a home automation system on a home network, from any remote location, to an individual or limited group, port forwarding is not a very secure option. It exposes the services unnecessarily to bad actors who can discover it automatically, poke at it at will and exploit any vulnerability they find.

Better solutions for this use case are:
  • A remote proxy service such as Cloudflare Tunnels, NGrok, Zrok or Tailscale Funnels (Make sure you require authentication, don't publish to the whole internet.)
  • A Mesh/Overlay VPN such as Tailscale or Netbird
All of the above either have free tiers and/or can be cloud hosted. Punch out of your network so they don't expose an attack surface in that way and no static IP required. You can have authentication before connection so no bad people can poke at it.
Just create your own.

 
yea the engines are pulled I am now waiting for the customer to bring me the replacements. ****ing Toyota is worse then an Alpha any day of the week. I actually want to build an app to log car parts. I am working on it now. I mainly work on Toyota but sometimes I get a VW with a toasted motor.

I want to build an app that can keep track of all the **** I buy and use. Better billing means more money for this old **** and I am all about the green. so I need the server to play with github stuff make it work see if it can keep track.
 
So if I do want to work with port forwarding how can I go about it without opening my network up to bad stuff?
 
As others have said, just use a VPN. Many routers support OpenVPN or WireGuard which you can enable for remote access. Hosting on a dedicated PC or server would be even better, but more complicated. Avoid port forwarding unless you fully understand what you’re doing.
 
You need to crawl before you can walk.Do some IT certifications first .....
 
I'm always of the opinion that every problem is an old problem and already has a solution. Unless of course you are planning to establish a colony on Mars.

For everything else, someone out there has already built and solved it.

I say this because this information can assist you if you want to build your own and so Chatgpt likely has all the information needed to spare you much of pain.

As I've discovered though, with a recent complex project of creating a puzzle assembly python project, chatgpt can only do so much so you will still have some rolling up of sleeves and reading/learning to do.
 
You need to crawl before you can walk.Do some IT certifications first .....
LOL I should tell people to become a mechanic before they can buy a car. My oldest is now grownup but that said my wife and I had children much later in life then we would have liked. I love my kids and want to spend more time with them then what I have left. Am not going to study IT at this stage in my life. if I can't figure it out, I will find someone that did.
 
Last edited:
Top
Sign up to the MyBroadband newsletter