Secure Home Assistant Remote Access With Cloudflare (2022)
Secure home assistant remote access with cloudflare, making your home assistant instance both properly secure while keeping it available from outside your network. For this tutorial you will need to purchase or transfer a domain to cloudflare. We will be using Cloudflare proxy among other hardening steps. Home Assistant is an awesome home automation platform, but, much like any other internal service you expose to the internet, the threats are just around the corner. Secure home assistant remote access with cloudflare to make your Home Assistant instance secure enough to be exposed to the internet via Cloudflare proxy. In this video we will see all the recommended steps to Secure home assistant remote access with cloudflare top to bottom. As part of the process you will also need to create a port forwarding rule and restrict it to Cloudflare IP ranges. Please make sure you know how to do that on your firewall or router. In summary, Secure home assistant remote access with cloudflare requires some technical know how but if you are a home assistant user you either had to turn off access from the internet if you were "smart" or you exposed your home assistant instance without properly protecting it. This video will try to remediate that. Matthew Hodgkins Blog Post: https://hodgkins.io/securing-home-assitant-with-cloudflare Configuration.yaml snippet: http: server_port: 2053 ssl_certificate: /ssl//origin.pem ssl_key: /ssl/privkey.pem ip_ban_enabled: true login_attempts_threshold: 5 # Add use_x_forwarded_for use_x_forwarded_for: true # Add the Cloudflare IPs as trusted proxies https://www.cloudflare.com/ips-v4 trusted_proxies: - 173.245.48.0/20 - 103.21.244.0/22 - 103.22.200.0/22 - 103.31.4.0/22 - 141.101.64.0/18 - 108.162.192.0/18 - 190.93.240.0/20 - 188.114.96.0/20 - 197.234.240.0/22 - 198.41.128.0/17 - 162.158.0.0/15 - 104.16.0.0/13 - 104.24.0.0/14 - 172.64.0.0/13 - 131.0.72.0/22 Video Index 0:00 Intro 1:38 Whiteboard Illustration 5:30 Understanding DNS And Creating Records 9:50 Changing Home Assistant Configuration.yaml File 12:05 Adding Certificates From Cloudflare to Home Assistant 15:55 Port Forwarding Configurations 20:00 Hardening Your Home Assistant Account with 2FA 22:00 Creating Cloudflare Firewall Rules 24:08 Using Home Assistant Cloudflare Integration for DDNS 28:03 Summary #homeassistant #cloudflare #security If you liked this video, hit the like button. Follow us on twitter: https://twitter.com/techmeout5 Join our Synology Facebook group: https://www.facebook.com/groups/synousergroup Join our Ubiquiti UniFi Facebook group: https://www.facebook.com/groups/ubntusergroup
Secure home assistant remote access with cloudflare, making your home assistant instance both properly secure while keeping it available from outside your network. For this tutorial you will need to purchase or transfer a domain to cloudflare. We will be using Cloudflare proxy among other hardening steps. Home Assistant is an awesome home automation platform, but, much like any other internal service you expose to the internet, the threats are just around the corner. Secure home assistant remote access with cloudflare to make your Home Assistant instance secure enough to be exposed to the internet via Cloudflare proxy. In this video we will see all the recommended steps to Secure home assistant remote access with cloudflare top to bottom. As part of the process you will also need to create a port forwarding rule and restrict it to Cloudflare IP ranges. Please make sure you know how to do that on your firewall or router. In summary, Secure home assistant remote access with cloudflare requires some technical know how but if you are a home assistant user you either had to turn off access from the internet if you were "smart" or you exposed your home assistant instance without properly protecting it. This video will try to remediate that. Matthew Hodgkins Blog Post: https://hodgkins.io/securing-home-assitant-with-cloudflare Configuration.yaml snippet: http: server_port: 2053 ssl_certificate: /ssl//origin.pem ssl_key: /ssl/privkey.pem ip_ban_enabled: true login_attempts_threshold: 5 # Add use_x_forwarded_for use_x_forwarded_for: true # Add the Cloudflare IPs as trusted proxies https://www.cloudflare.com/ips-v4 trusted_proxies: - 173.245.48.0/20 - 103.21.244.0/22 - 103.22.200.0/22 - 103.31.4.0/22 - 141.101.64.0/18 - 108.162.192.0/18 - 190.93.240.0/20 - 188.114.96.0/20 - 197.234.240.0/22 - 198.41.128.0/17 - 162.158.0.0/15 - 104.16.0.0/13 - 104.24.0.0/14 - 172.64.0.0/13 - 131.0.72.0/22 Video Index 0:00 Intro 1:38 Whiteboard Illustration 5:30 Understanding DNS And Creating Records 9:50 Changing Home Assistant Configuration.yaml File 12:05 Adding Certificates From Cloudflare to Home Assistant 15:55 Port Forwarding Configurations 20:00 Hardening Your Home Assistant Account with 2FA 22:00 Creating Cloudflare Firewall Rules 24:08 Using Home Assistant Cloudflare Integration for DDNS 28:03 Summary #homeassistant #cloudflare #security If you liked this video, hit the like button. Follow us on twitter: https://twitter.com/techmeout5 Join our Synology Facebook group: https://www.facebook.com/groups/synousergroup Join our Ubiquiti UniFi Facebook group: https://www.facebook.com/groups/ubntusergroup