It's up to you entirely! There is more to website security than the port being used. A true hacker will likely test all port numbers anyway if trying to obtain access.
Weewx is ignorant about your WAN, WAN access, and your web server - it just puts your data where you tell it to. On Sunday, 9 October 2016 20:34:04 UTC+3, Tim Phillips wrote: > Thank you for the help. > > I'm running Apache on my Pi that's on 24/7. So any changes I wish to make > to the WAN access will solely be through Apache's setup, if I understand > your response correctly. > > I have Weewx send the weather data to the weewx stations map as well as > Weather Underground. The weewx stations URL I used directs to the Weather > Underground site, so I'm not directing the public to my Pi address... > > > On Sunday, October 9, 2016 at 10:23:45 AM UTC-7, Andrew Milner wrote: >> >> The first thing you need to grasp is that your web server is NOT part of >> weewx!! >> >> Weewx will put your webpages wherever you tell it to - on the same >> machine or a remote machine. >> >> The web server and it's permissions and access are outside the realms of >> weewx!! >> >> You can either have weewx PUT the generated pages WITHIN your web server >> page hierarchy - or you can leave the pages in /home/weewx/public_html and >> direct your web server to access them at that location (by using a symlink >> or similar). >> >> You can run apache or lighttpd on the same machine as weewx, on a >> separate machine on your local network, or even hosted at a remote web >> hosting site - the choice is yours!! >> >> All that weewx needs to know is where to build the pages, and where to >> transfer them to if necessary. >> >> Access to the generated pages is under the control of the web server - a >> server for which you are the administrator or a remotely hosted server - >> the choice is yours. >> >> >> >> >> >> On Sunday, 9 October 2016 20:10:00 UTC+3, Tim Phillips wrote: >> >>> Is it a good idea to change the default port for the Weewx server on my >>> Pi from 80 to something else that's not so common? I'd like to be able to >>> access my weather station feed over from WAN but am hesitant to just port >>> forward my Pi's IP address out into the wild on port 80. I have a password >>> set for the Pi login already. On top of that, if it's HTTP, is the login >>> password being sent in plain text over the connection? Do I understand that >>> correctly? If somebody was snooping wouldn't they see it? >>> >>> It's becoming increasingly worrisome all of these internet of things >>> (IoT) devices are lacking decent security, so I've been focused on securing >>> my IP camera's, NAS boxes, etc, lately. >>> >>> My understanding of how my Weewx on my Pi is: >>> >>> Weewx running as a daemon (service/background process). >>> Apache2 is the web server so a user can access the Weewx service >>> (daemon) from a browser on LAN/WAN (if port forwarded). >>> - Apache2 runs in the background and is the "gatekeeper" to the >>> services that request a browser-based information request. >>> - Services get access *through *the Apache server to the >>> destination port it's assigned to. In Weewx's case it's "/weewx". >>> >>> BUT, if the port to Apache is 80, and that directs to Weewx, then how >>> would I set up multiple WAN access, say if I had a webcam service running >>> on the same Pi? >>> >>> Hope *some *of that made some sense... >>> >>> >>> >>> -- You received this message because you are subscribed to the Google Groups "weewx-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to weewx-user+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
