Announcement

Collapse
No announcement yet.

PHLocation V2 Discussion

Collapse
This is a sticky topic.
X
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Here is what changed:

    PHL2 no longer has its own web server. It now uses HomeSeer's web server. As a result you will forward an external port to your HomeSeer web server's port - default 80. You will use HomeSeer login credentials with normal privileges. There are no longer separate PHL2 credentials.

    For this reason I believe MyHS to be a better solution for security reasons, unless you have enabled SSL on your HomeSeer server.

    I am testing my VPN and it is working well. For that there is no need for credentials at all. After the test I may go back to MyHS as it was totally reliable and fast.

    EDIT: Al tested and succeeded with Normal privileges. This would enhance security. I still believe it would be prudent to consider MyHS as opposed to an open port to the Internet.

    EDIT2: It also works with Guest User Rights
    Randy Prade
    Aurora, CO
    Prades.net

    PHLocation - Pushover - EasyTrigger - UltraECM3 - Ultra1Wire3 - Arduino

    Comment


    • Originally posted by rprade View Post
      You will use HomeSeer login credentials with admin privileges..
      I created an account specific for Geofency with no admin privileges. Would that not be a better way to go? Why use an admin account for that?
      HS 3.0.0.532: 1963 Devices 1141 Events
      Z-Wave 3.0.1.261: 122 Nodes on one Z-Net

      Comment


      • Originally posted by sparkman View Post

        I created an account specific for Geofency with no admin privileges. Would that not be a better way to go? Why use an admin account for that?
        Absolutely. I just wasn't sure how HS handles access. I was going to try to test later to see what level of access was required. Did you try Guest?

        Randy Prade
        Aurora, CO
        Prades.net

        PHLocation - Pushover - EasyTrigger - UltraECM3 - Ultra1Wire3 - Arduino

        Comment


        • Originally posted by rprade View Post
          Absolutely. I just wasn't sure how HS handles access. I was going to try to test later to see what level of access was required. Did you try Guest?
          I did not try Guest. I have it set as a "Normal" user and deselected Event Access, Counters Timers Access and Log Access. Let me know if it works for Guest.
          HS 3.0.0.532: 1963 Devices 1141 Events
          Z-Wave 3.0.1.261: 122 Nodes on one Z-Net

          Comment


          • Originally posted by sparkman View Post

            I created an account specific for Geofency with no admin privileges. Would that not be a better way to go? Why use an admin account for that?
            Al, are you saying that you created an additional User Name/Password for PHL2 in the "Setup>Network" tab under "Web/HS Touch User Settings" as "Guest"? I'm trying to keep up with the thread in my understanding. Mike
            Computer: CUK Intel NUC7i7BNH
            Op System: Windows 10 Pro - Work Station
            HS Version: HS3 Pro Edition 3.0.0.435

            Plug-Ins: BLBackup, BLGData, BLRoombaWifi, Device History, EasyTrigger, ImperiHome, Nest, PHLocation, Pushover 3P, Restart, Sonos, UltraCID3, UltraWeatherWU3, Z-Wave, and Jon00 scripts.

            Comment


            • Originally posted by rprade View Post
              For this reason I believe MyHS to be a better solution for security reasons, unless you have enabled SSL on your HomeSeer server.
              Randy, why would one have enabled SSL (in the Labs tab) and what benefits would it present? Mike
              Computer: CUK Intel NUC7i7BNH
              Op System: Windows 10 Pro - Work Station
              HS Version: HS3 Pro Edition 3.0.0.435

              Plug-Ins: BLBackup, BLGData, BLRoombaWifi, Device History, EasyTrigger, ImperiHome, Nest, PHLocation, Pushover 3P, Restart, Sonos, UltraCID3, UltraWeatherWU3, Z-Wave, and Jon00 scripts.

              Comment


              • Originally posted by MNB View Post

                Al, are you saying that you created an additional User Name/Password for PHL2 in the "Setup>Network" tab under "Web/HS Touch User Settings" as "Guest"? I'm trying to keep up with the thread in my understanding. Mike
                Hi Mike, yes, except not as "Guest", but as "Normal" with Event Access, Counters Timers Access and Log Access deselected. Randy will try as "Guest". This is for GeoFency authentication.

                Cheers
                Al
                HS 3.0.0.532: 1963 Devices 1141 Events
                Z-Wave 3.0.1.261: 122 Nodes on one Z-Net

                Comment


                • I just tested Guest privileges.and it also works. Al, you can just change the User Rights to Guest and test yours.
                  Randy Prade
                  Aurora, CO
                  Prades.net

                  PHLocation - Pushover - EasyTrigger - UltraECM3 - Ultra1Wire3 - Arduino

                  Comment


                  • I too am using GeoFency are you saying there's any issue with authentication? I noticed that I'm able to create HS3 devices from GeoFency app when I either depress Entry/Exit Test and HS3 devices change every time either one is selected but I do not see my HS3 Log being update when those actions occur unless there is a error occurring. Mike
                    Computer: CUK Intel NUC7i7BNH
                    Op System: Windows 10 Pro - Work Station
                    HS Version: HS3 Pro Edition 3.0.0.435

                    Plug-Ins: BLBackup, BLGData, BLRoombaWifi, Device History, EasyTrigger, ImperiHome, Nest, PHLocation, Pushover 3P, Restart, Sonos, UltraCID3, UltraWeatherWU3, Z-Wave, and Jon00 scripts.

                    Comment


                    • Originally posted by rprade View Post
                      Here is what changed:

                      PHL2 no longer has its own web server. It now uses HomeSeer's web server. As a result you will forward an external port to your HomeSeer web server's port - default 80. You will use HomeSeer login credentials with normal privileges. There are no longer separate PHL2 credentials.

                      For this reason I believe MyHS to be a better solution for security reasons, unless you have enabled SSL on your HomeSeer server.

                      I am testing my VPN and it is working well. For that there is no need for credentials at all. After the test I may go back to MyHS as it was totally reliable and fast.

                      EDIT: Al tested and succeeded with Normal privileges. This would enhance security. I still believe it would be prudent to consider MyHS as opposed to an open port to the Internet.
                      Gotcha, so I’ve deleted the rule in my router for port forwarding and changed the web hooks in Geofency to the MyHS link...so far seems to have fast updates in HS. So the user that you are using for this should be a Geofency user with “Guest” access? Correct? I have to set that user up in the MyHS account management page too, correct?


                      Sent from my iPad using Tapatalk
                      HS3 3.0.0.500 &HSTouch Designer 3.0.71 with 782 Devices, 479 Events
                      Plugin's:
                      BLBackup, BLOccupied, BLShutdown, EasyTrigger, Ecobee,
                      EnvisaLink DSC, PHLocation, Pushover, SONOS, Blue Iris, UltraRachio3,
                      weatherXML, Jon00 Alexa Helper, Network Monitor, Z-Wave 3.0.1.252

                      Comment


                      • Originally posted by rprade View Post
                        I just tested Guest privileges.and it also works. Al, you can just change the User Rights to Guest and test yours.
                        Thanks Randy!
                        HS 3.0.0.532: 1963 Devices 1141 Events
                        Z-Wave 3.0.1.261: 122 Nodes on one Z-Net

                        Comment


                        • Originally posted by MNB View Post

                          Randy, why would one have enabled SSL (in the Labs tab) and what benefits would it present? Mike
                          If you have a valid certificate installed and if you enable SSL communications are all encrypted. Without SSL all communications are unencrypted. It would be very easy for a nefarious entity to capture any data between any device and another over unencrypted communications.

                          For example, the username and password sent to your home from your phone, every time a GeoFency post is sent, can easily be intercepted and read. If you use RDP to access a computer over an unencrypted port forwarding scheme, the user name and password to that computer are exposed.

                          The argument is that it is very unlikely that a nefarious individual would bother with your home IP. Unlikely is really not good enough.

                          Randy Prade
                          Aurora, CO
                          Prades.net

                          PHLocation - Pushover - EasyTrigger - UltraECM3 - Ultra1Wire3 - Arduino

                          Comment


                          • Originally posted by MNB View Post
                            I too am using GeoFency are you saying there's any issue with authentication? I noticed that I'm able to create HS3 devices from GeoFency app when I either depress Entry/Exit Test and HS3 devices change every time either one is selected but I do not see my HS3 Log being update when those actions occur unless there is a error occurring. Mike
                            Not saying there's an issue. With PHL1, there was a specific user account within PHL1 that GeoeFency used to authenticate. I had created the same user account in HS since PHL2 uses the built-in HS web server so wanted to ensure it properly authenticated. What user account did you configure within GF to authenticate to the HS server?
                            HS 3.0.0.532: 1963 Devices 1141 Events
                            Z-Wave 3.0.1.261: 122 Nodes on one Z-Net

                            Comment


                            • Originally posted by The Profit View Post

                              Gotcha, so I’ve deleted the rule in my router for port forwarding and changed the web hooks in Geofency to the MyHS link...so far seems to have fast updates in HS. So the user that you are using for this should be a Geofency user with “Guest” access? Correct? I have to set that user up in the MyHS account management page too, correct?


                              Sent from my iPad using Tapatalk
                              You are mixing two different method. If you use MyHS, you do not control the user, HomeSeer does through the MyHS communication protocol. Unless I missed something MyHS always gives admin access.

                              Randy Prade
                              Aurora, CO
                              Prades.net

                              PHLocation - Pushover - EasyTrigger - UltraECM3 - Ultra1Wire3 - Arduino

                              Comment


                              • Thanxs Randy for the explanation! It sounds like your suggesting that we use the SSL methodology (once I'm up and running) Mike
                                Computer: CUK Intel NUC7i7BNH
                                Op System: Windows 10 Pro - Work Station
                                HS Version: HS3 Pro Edition 3.0.0.435

                                Plug-Ins: BLBackup, BLGData, BLRoombaWifi, Device History, EasyTrigger, ImperiHome, Nest, PHLocation, Pushover 3P, Restart, Sonos, UltraCID3, UltraWeatherWU3, Z-Wave, and Jon00 scripts.

                                Comment

                                Working...
                                X