DopeGhoti
Active Member
In general, for best practice, such tools should be configured so that either they can only be accessed at all from within your LAN (i.e. from your physical domicile), or if you want to access it remotely, either via a VPN (which effectively puts you inside your LAN) or through another layer of authentication under your control; even something as simple as an Apache proxy demanding Basic HTTP Authentication (preferably via HTTPS). The above-linked case of zillions of people's cars being exposed and potentially compromised was, if I recall, a bunch of people installing the otherwise excellent TeslaMate and opening access to the wider internet with no such restrictions.
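
A sketch of the Apache arrangement described in the post above, as an added example that is not part of the original post or of the TeslaMate project. The hostname, LAN subnet, certificate and password file paths, and the backend address `127.0.0.1:4000` are assumptions to adjust for your own setup.

```apache
# Added example; every name, path, subnet and port below is an assumption.
# Modules needed: ssl, proxy, proxy_http, auth_basic, authn_file,
# authz_host, authz_user.
# Create the password file once with:
#   htpasswd -c /etc/apache2/.htpasswd-dashboard <username>

<VirtualHost *:443>
    ServerName dashboard.example.net

    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/dashboard.example.net.pem
    SSLCertificateKeyFile /etc/ssl/private/dashboard.example.net.key

    # The application itself listens on loopback only, so this proxy is
    # the single path to it. Publishing the application port directly
    # to the internet is the exposure the post warns about.
    ProxyPreserveHost On
    # upgrade=websocket needs Apache 2.4.47 or later.
    ProxyPass        / http://127.0.0.1:4000/ upgrade=websocket
    ProxyPassReverse / http://127.0.0.1:4000/

    <Location "/">
        AuthType Basic
        AuthName "Restricted"
        AuthUserFile /etc/apache2/.htpasswd-dashboard

        # Clients on the home LAN are let through; anyone else must
        # present a valid username and password.
        <RequireAny>
            Require ip 192.168.1.0/24
            Require valid-user
        </RequireAny>
    </Location>
</VirtualHost>

# Plain HTTP only redirects, so Basic credentials are never sent
# unencrypted.
<VirtualHost *:80>
    ServerName dashboard.example.net
    Redirect permanent / https://dashboard.example.net/
</VirtualHost>
```

If Apache sits behind another proxy or a router that rewrites source addresses, drop the `Require ip` line so that every client has to authenticate.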