forbidden errror Topic is solved

Please use template to report bugs and problems. Post here your questions when not sure where else to post
Only for bugs in the Domoticz application! other problems go in different subforums!
Forum rules
Before posting here, make sure you are on the latest Beta or Stable version.
If you have problems related to the web gui, clear your browser cache + appcache first.

Use the following template when posting here:

Version: xxxx
Platform: xxxx
Plugin/Hardware: xxxx
Description:
.....

If you are having problems with scripts/blockly, always post the script (in a spoiler or code tag) or screenshots of your blockly

If you are replying, please do not quote images/code from the first post

Please mark your topic as Solved when the problem is solved.
Post Reply
pvklink
Posts: 122
Joined: Wednesday 12 November 2014 16:01
Target OS: Raspberry Pi
Domoticz version:
Contact:

forbidden errror

Post by pvklink » Saturday 11 August 2018 22:30

Version: I Use the latest domoticz beta version
Platform: on a raspberry pi 3
Description:

action_1
When i use the following command on my telefhone from the wan
This works:
http://wan_ip:<port> and i have to type my username and pwd and i get the domoticz menu

action_2
When i type:
http://<user>:<pwd>@wan_ip:<port>/json.htm?type=command&param=switchlight&idx=<id>&switchcmd=On
I get a forbidden error.

My router and firewall seems to be ok otherwise i could not connect to the server with action_1...

Somebody an idea?
I need to access from the wan because i like to use google assistant from my telephone with iFTTT to use my domoticz by voice...

pvklink
Posts: 122
Joined: Wednesday 12 November 2014 16:01
Target OS: Raspberry Pi
Domoticz version:
Contact:

Re: forbidden errror

Post by pvklink » Sunday 12 August 2018 11:24

It does worj now from behind my LAN.

It seems that you can only use de domoticz web username and pwd and not the other user accounts
I cleared the cache
i first logged off from domoticz before executing the http/json command
and after that i used the next command:
http://<user:pwd>@<ip:port>/json.htm?type=command&param=switchlight&idx=<id>&switchcmd=On

I also used a wrong json command for devices and groups. I read this:
http://www.domoticz.com/wiki/Domoticz_API/JSON_URL's

Even my telephone with Google assistent and IFTTT works now!
Last problem is that this solution is not very secure, usernames and passwords are going plain over the internet..

Anybody some tips on this?
Is creating an local google assistent with raspberry pi a solution ?

dswinton
Posts: 4
Joined: Sunday 11 December 2016 14:12
Target OS: -
Domoticz version:
Contact:

Re: forbidden errror

Post by dswinton » Sunday 12 August 2018 15:10

Hi @pvklink

This might be a solution to the username and password issue:
https://github.com/dswinton/domo-ifttt

You can use a passphrase to authenticate access from IFTT to hook up your Google home. This also effectively limits what can be done from the internet (device on/off, no other possible Domoticz commands or device listing, etc.).

Also, I'd strongly recommend using HTTPS rather than HTTP, that way your stuff is encrypted, rather than in the clear.

pvklink
Posts: 122
Joined: Wednesday 12 November 2014 16:01
Target OS: Raspberry Pi
Domoticz version:
Contact:

Re: forbidden errror

Post by pvklink » Saturday 25 August 2018 19:13

thanks!

I already use IFTTT on my cellphone togeter with google assistent and webhooks

Do I understand it well that i have to add:
1) webserver on my domoticz server
2) add the php script to it and
3) instead that IFTTT on my cellphone has a real username/pwd is has another secret and communicates with the webserver
4) the real secret is on my webserver(script) on my domoticz server ?

If so, i have 2 big challenges !

1) how to make SSL working on my current domoticz. I did that about 2 years ago and that was a lot of work with letsencrypt etc.
i adjust my router and
changed domoticz.sh on the root of the domoticz folder with
DAEMON_ARGS="$DAEMON_ARGS -www 8080"
DAEMON_ARGS="$DAEMON_ARGS -sslwww 443"
I can now connect to my domoticz with https://ip:443 .. i get a red triangle in front of the https command, is this still encrypted ?

2) how to add a webserver to my domoticz ( i know how to port forward and add the php as proposed)
sudo apt install apache2
sudo nano /etc/apache2/ports.conf changed ports
sudo nano /etc/apache2/sites-enabled/000-default.conf (changed ports)
sudo apt install php7.0 libapache2-mod-php7.0 php7.0-mysql php7.0-gd php7.0-opcache
sudo systemctl restart apache2

now trying to add the script to it and try if all the stuff works

Post Reply

Who is online

Users browsing this forum: No registered users and 6 guests