And soā¦ how does Google / Apple / etc now connect to the server to control devices?
Sorry, I donāt understand the question. Why would third parties other than known clients need to initiate connections to my HA web endpoint? And even less to control devices.
I use pfsense with the pfblockerng and snort add-on. The pfblocker can block many of the scanners like shodan. As well as known tor ips. And it is a pretty good ad blocker as well. While snort will block quite a bit of crap too
Because the original post very clearly said -
So that is the basis of this entire thread. How to secure HA while ALSO being able to use the Google Assistant to control the devices.
Oh, I see. No, I was talking only regarding the subtopic of security. Connecting to Google is not my intention.
My home assistant is public because of SmartThings and Bosh/Siemens webhooks. I am using Cloudflare CDN with WAF and bot fighting mode enabled and I have literaly 0 failed login attempts. And itās free.
Being behind Cloudflareās WAF is also a no-brainer. If you donāt mind them decrypting your traffic (most people donāt).