On Thursday, November 21, 2019 at 8:30:34 AM UTC-8, Greg Troxel wrote: > I don't follow "password-protected" entirely. >
oh - I meant protecting the Internet MQTT broker from nefarious denial-of-service from the script kiddies. The LAN broker will need to forward/post to the Internet broker instance. You want to make sure it's just 'you' who can post data there, so enabling the MQTT username/password setup on the Internet broker will help stop the bad guys from messing with your data. The LAN MQTT broker can (probably) be open for writes without username/password needed, depending on how you like to set your LAN up. My setup at home has a bunch of pi and arduinos and sensors posting to local MQTT without any passwords needed. When I had the Internet MQTT broker being bridged to (as MQTT uses the term) from the LAN, I had just 'that' one requiring a username/password, and also had some packet filters etc. limiting the incoming MQTT traffic to be from the pretty stable public ip address my home LAN NAT's out to Internet on via my service provider. But no I didn't mean webserver username+pass. Sorry for any confusion there. -- You received this message because you are subscribed to the Google Groups "weewx-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to weewx-user+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/weewx-user/e83fe789-abd9-4cd4-bced-1bd1a67d695d%40googlegroups.com.
