It removes the need to type port number after your domain.
Port 443 is a standard port for websites that use SSL, and your home assistant will be such a site when you get duckdns addon running. Advantage is that you won’t need to type in port number at all because it will go to 443 by default.
That means if you had to type
https://yourdomain.com:8123
before setting port forward 443->8123, you will be able to go just to
https://yourdomain.com
(without port) after you set it up
But, this will only work from external network if your router does not support NAT loopback. If it does, it is usually an option to enable/disable it for each port forward entry. Enable it, and you will be able to access it without typing port from internal network too.
Thanks for taking your time.
My Router does not support nat loopback, this is the reason why I had to use dnsmasq to be able to use the outside url in my local network.
-
So there are no security differences between both options, right?
-
There is no reason for choosing to 443 if I don‘t mind having :8123 after the URL, right?
-
Would it be possible to use dnsmasq or Pi-hole to do nat loopback (or something equal) to use an url without port in and outside?
Note: The newest iOS App of Homeassistant has an option to set seperate outside and inside urls. But that’s not a global solution for other devices that are not running this App
- So would you say if you have nat loopback than chose 443 without port ending and if you don’t choose another port (like 8123) and get the same url for in an outside (using dnsmasq or similar)
Most of that is new to me, so I like to have that confirmed from someone who knows better.
Thanks!
Ok so I already have the answer for
- Makes no difference, because a bot can port scan you.
But @corunir could you answer the other questions shortly?
Edit:
Ok so tried setting 443 up again. My router doesn’t support nat loopback.
So when my internal port ist different than my external, I cannot use the same url internal and external.
I have to have the same port internal and external to be able to use the same IP.
Could someone confirm that this is because I have no nat loopback?
Also I found a way to use 443 and with that the ability tnot to use a port at my url.
For that I had to change the server_port of home assistant to 443. Also I changed the base_url to XXX:443.
So everythin that was 8123 before is now 443.
And with that I’m able to reach ha internal and external with the url (without the port).
However, I’m not sure If setting 443 as the serverport of homeassistant is a good idea (does it make a difference?), what do you think about that?
maybe @petro ?