Accessing your Home assistant installation outside your house

Having a home automation solution that is only available inside your house might work for some people, but most people want to control their home also form the outside.

There are different options to achieve this in a secure way.

VPN

IC196810Using a VPN is usually the most secure solution. Even if there is a major security bug in your Home Assistant installation, attackers still can’t compromise your system as it isn’t publicly available on the internet. Many ISP’s today already provide a VPN service. You need to check with your ISP if it is available and how to configure it.

The disadvantage of a VPN is that you have to connect to the VPN first. This becomes an even bigger issue, if you use 3rd party applications (e.g. device trackers) that want to connect to your Home Assistant server. If the VPN isn’t connected, they will fail and some status informations might not be updated correctly.

HTTPS

Using a public HTTPS server is not the most secure solution, but still ok in general. Just note that you have to always check for security problems and update your Home Assistant installation regularly.

letsencryptFor HTTPS you will need certificates. A simple and free option today is Let’s encrypt. There is already a guide on the home assistant web site that shows how to use Home Assistant with Let’s Encrypt.

An additional security improvement can be implemented by using a web application firewall in front of the web server. While you can do this by yourself, it it quite complicated. Another option is using Cloudflare.  While you can’t use your own rules in the free version, it will still provide some basic security and protection against general attack patterns.

Comparison of both variants

VPN HTTPS
Security Highest, as your system is protected even in case of security flaws in Home Assistant Ok, but you need to make sure that you regularly patch Home Assistant
Ease of setup Relatively easy if your ISP already offers it, otherwise complicated Medium, guides are available
Ease of use  Medium, you always have to connect the VPN first Very easy

One thought on “Accessing your Home assistant installation outside your house”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.