3
Is it normal to not have any malicious login attempts? (reddthat.com)
submitted 8 months ago by hit_the_rails@reddthat.com to c/homeassistant@lemmy.world
6 comments fedilink hide all child comments

I've been running Home Assistant for three years. It's port forwarded on default port 8123 via a reverse proxy in a dedicated VM serving it over HTTPS and is accessible over ipv4 and ipv6. All user accounts have MFA enabled.

I see a notification every time there's a failed login attempt, but every single one is either me or someone in my house. I've never seen a notification for any other attempts from the internet. Not a single one.

Is this normal? Or am I missing something? I expected it to be hammered with random failed logins.

top 6 comments
sorted by: hot top controversial new old
[-] ikidd@lemmy.world 1 points 8 months ago

Hold your horses, I'll get to you next.

[-] doodlebob@lemmy.world 1 points 8 months ago

I would highly consider putting your HA behind a cloudflare tunnel if possible.

Set up client certs so you can access it on your phone when away from home

[-] just_another_person@lemmy.world 0 points 8 months ago

That's normal if you're not exposing it to the Internet I suppose. Probably not a lot of bots out there looking for it, but the better question is WHY you have it exposed to the internet.

[-] entwine413@lemm.ee 1 points 7 months ago

I have mine exposed to the Internet so I can control things and get notifications when I'm away. But I pay HA to use their cloud service.

[-] just_another_person@lemmy.world 0 points 7 months ago

You'd be better off just setting up a simple VPN, Tailscale, or Zerotier for this.

[-] entwine413@lemm.ee 1 points 7 months ago

I'd rather support nabu casa.

this post was submitted on 17 Apr 2025
3 points (100.0% liked)

homeassistant

17131 readers
13 users here now

Home Assistant is open source home automation that puts local control and privacy first.
Powered by a worldwide community of tinkerers and DIY enthusiasts.

Home Assistant can be self-installed on ProxMox, Raspberry Pi, or even purchased pre-installed: Home Assistant: Installation

Discussion of Home-Assistant adjacent topics is absolutely fine, within reason.
If you're not sure, DM @GreatAlbatross@feddit.uk

founded 2 years ago
MODERATORS
GreatAlbatross@feddit.uk
greatalbatross@lemmy.world