Questions: Protect ESP after port forwarding
Thomas Menu asked 5 years ago

Hello! I’m currently working on an Arduino-based home automation system. I am using an ESP8266 chip connected to an Arduino Mega (they are connected via SPI), which I use to have more GPIO pins.
Now, I run a simple web server on the ESP, which works fine for now. Through port forwarding, I’m able to access the server from anywhere I want. But it’s not secured: anyone who has the IP address of the server can access it and mess with my lights, which, as you can imagine, I want to secure. Any tips on perhaps adding a password on the ESP? Or in some way only allowing certain MAC addresses on the server?
excuse me for the horrible code, i’m a bit of a newbie.
btw, the code documentation is in Dutch. if you need some translation, hit me up! 
 
#include<SPI.h>
#include <ESP8266WiFi.h> // wifibbliotheek includen
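// Pin assignments.
#define CS 15        // chip-select line for the SPI slave, driven manually
#define ledPin 10    // NOTE(review): the original comment said "Onboard LED = digital pin 13" but the value is 10 - confirm
#define dht_apin A0  // analog pin the sensor is connected to

// Wi-Fi credentials (left empty in this listing). Real values compiled into the
// sketch end up in the firmware image and in every shared copy of this file,
// so keep them out of anything that gets published.
const char* ssid = "";
const char* password = "";

// Web server on port 80. This is plain HTTP: once the port is forwarded on the
// router, requests and responses cross the Internet unencrypted.
WiFiServer server(80);

// Accumulates the raw HTTP request of the client currently being served.
String header;

// Last commanded state of each output, shown on the web page.
String output5State = "off";
String output4State = "off";
char buff[] = "dit is een test\n";

unsigned int data = 0;  // holds data received over SPI

void START_WIFI();
const int output5 = 5;
const int output4 = 4;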

// One-time initialisation: serial console, Wi-Fi and web server, SPI bus and
// the GPIO pins used by this sketch.
void setup() {
Serial.begin(115200); /* start the serial console at 115200 baud (the earlier comment said 9600) */
// START_WIFI() blocks until the station is connected and then starts the web server.
START_WIFI();
// Fetches the public IP address from api.ipify.org and prints it on the serial console.
GetExternalIP();
// Local forward declaration of SPI_SEND, which is defined further down the file.
void SPI_SEND(byte);
SPI.begin(); /* initialise the SPI bus */
pinMode(output5, OUTPUT);
pinMode(output4, OUTPUT);
pinMode(CS, OUTPUT);
// Start with both outputs switched off.
digitalWrite(output5, LOW);
digitalWrite(output4, LOW);
digitalWrite(CS, HIGH); // chip select idles high; SPI_SEND pulls it low around each transfer
// 1 MHz clock, most significant bit first, SPI mode 0. No matching
// endTransaction() is visible in this file.
SPI.beginTransaction(SPISettings(1000000, MSBFIRST, SPI_MODE0));
}
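// Serves at most one HTTP request per call: reads the request headers, applies
// a /5/on, /5/off, /4/on or /4/off command taken from the request line, and
// sends back the control page.
//
// Security notes for a port-forwarded device:
//  - Nothing here authenticates the client: anyone who can reach port 80 can
//    switch the outputs. Filtering on MAC address cannot help for Internet
//    clients, because a remote client's MAC address never crosses the router.
//    Prefer closing the forwarded port and reaching the device through a VPN,
//    or placing an authenticating TLS reverse proxy in front of it.
//  - The commands are state-changing GET requests, so link prefetchers and
//    cross-site requests can trigger them; move them to POST once
//    authentication exists.
//  - The request is bounded in size and in time so that one slow or oversized
//    client cannot exhaust the heap or stall the loop.
void loop() {
  const unsigned long kRequestTimeoutMs = 5000;  // total time allowed to receive the headers
  const unsigned int kMaxHeaderBytes = 2048;     // upper bound on buffered request bytes

  WiFiClient client = server.available();  // poll for a newly connected client
  if (!client) {
    return;
  }

  Serial.println("New Client.");
  String currentLine = "";  // the header line currently being received
  const unsigned long acceptedAt = millis();

  while (client.connected()) {
    // Unsigned subtraction stays correct when millis() wraps around.
    if (millis() - acceptedAt > kRequestTimeoutMs) {
      Serial.println("Client timed out.");
      break;
    }
    if (!client.available()) {
      delay(1);  // let the Wi-Fi stack run while waiting for more bytes
      continue;
    }

    char c = client.read();
    Serial.write(c);  // echo the request on the serial console

    // Refuse requests that would grow the buffer without limit.
    if (header.length() >= kMaxHeaderBytes) {
      client.println("HTTP/1.1 431 Request Header Fields Too Large");
      client.println("Connection: close");
      client.println();
      break;
    }
    header += c;

    if (c != '\n') {
      if (c != '\r') {
        currentLine += c;  // carriage returns are dropped, everything else is kept
      }
      continue;
    }
    if (currentLine.length() != 0) {
      currentLine = "";  // end of a non-empty header line; start the next one
      continue;
    }

    // An empty line marks the end of the request headers: answer now.
    // HTTP responses start with a status line and a content type.
    client.println("HTTP/1.1 200 OK");
    client.println("Content-type:text/html");
    client.println("Connection: close");
    client.println();

    // Match the command against the request line only (the first line), with
    // the trailing space, so that text in other headers or a longer path such
    // as /5/onX cannot trigger a command.
    int eol = header.indexOf('\n');
    String requestLine = (eol >= 0) ? header.substring(0, eol) : header;

    if (requestLine.startsWith("GET /5/on ")) {
      Serial.println("GPIO 5 on");
      output5State = "on";
      SPI_SEND(1);  // forward the command to the Arduino
    } else if (requestLine.startsWith("GET /5/off ")) {
      Serial.println("GPIO 5 off");
      output5State = "off";
      SPI_SEND(2);
    } else if (requestLine.startsWith("GET /4/on ")) {
      Serial.println("GPIO 4 on");
      output4State = "on";
      SPI_SEND(3);
    } else if (requestLine.startsWith("GET /4/off ")) {
      Serial.println("GPIO 4 off");
      output4State = "off";
      SPI_SEND(4);
    }

    // HTML for the page.
    client.println("<!DOCTYPE html><html>");
    client.println("<head><meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">");
    client.println("<link rel=\"icon\" href=\"data:,\">");
    // CSS for the on/off buttons.
    client.println("<style>html { font-family: Helvetica; display: inline-block; margin: 0px auto; text-align: center;}");
    client.println(".button { background-color: #195B6A; border: none; color: white; padding: 16px 40px;");
    client.println("text-decoration: none; font-size: 30px; margin: 2px; cursor: pointer;}");
    client.println(".button2 {background-color: #77878A;}</style></head>");

    client.println("<body><h1>Thomas Menu</h1>");
    client.println("<h1> GIP </h1>");

    // Show the current state of each LED and offer the opposite action.
    client.println("<p>Led Pin 6 - State " + output5State + "</p>");
    if (output5State == "off") {
      client.println("<p><a href=\"/5/on\"><button class=\"button\">ON</button></a></p>");
    } else {
      client.println("<p><a href=\"/5/off\"><button class=\"button button2\">OFF</button></a></p>");
    }

    client.println("<p>Led Pin 7 - State " + output4State + "</p>");
    if (output4State == "off") {
      client.println("<p><a href=\"/4/on\"><button class=\"button\">ON</button></a></p>");
    } else {
      client.println("<p><a href=\"/4/off\"><button class=\"button button2\">OFF</button></a></p>");
    }
    client.println("</body></html>");
    client.println();
    break;  // response sent; leave the read loop
  }

  // Clear the request buffer and close the connection.
  header = "";
  client.stop();
  Serial.println("Client disconnected.");
  Serial.println("");
}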

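// Sends one command byte to the SPI slave and prints the byte returned by a
// second transfer on the serial console.
//
// waarde: the command byte. The values 1 to 4 are sent by loop() for the
//         on/off commands.
//
// The function ends with a one-second delay, so the caller (the HTTP handler)
// is blocked for that long on every command.
void SPI_SEND (byte waarde){
  byte spi_dat;

  digitalWrite(CS, LOW);   // pull chip select low to address the slave
  SPI.transfer(waarde);    // send the command byte
  digitalWrite(CS, HIGH);  // release chip select
  delayMicroseconds(10);

  digitalWrite(CS, LOW);            // select the slave again to read its reply
  // NOTE(review): the command byte is sent again as the filler for the read;
  // confirm the slave does not treat it as a second command.
  spi_dat = SPI.transfer(waarde);
  digitalWrite(CS, HIGH);           // release chip select

  Serial.println("Processed Data Recieved from Slave is: ");
  Serial.print(spi_dat);  // show the received byte
  Serial.println("\r\n");
  delay(1000);
}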

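// Connects to the configured Wi-Fi network, prints the assigned local IP
// address and starts the web server. Blocks until the connection is up; there
// is no timeout.
void START_WIFI() {
  Serial.print("Connecting to ");
  Serial.println(ssid);

  // Station mode only: the sketch never uses the soft access point, and an
  // access point left enabled by an earlier configuration would be a second
  // way onto the device.
  WiFi.mode(WIFI_STA);
  WiFi.begin(ssid, password);
  while (WiFi.status() != WL_CONNECTED)
  {
    delay(500);  // delay() also lets the Wi-Fi stack run
    Serial.print(".");
  }

  Serial.println("");
  Serial.println("WiFi connected.");
  Serial.println("IP address: ");
  Serial.println(WiFi.localIP());
  server.begin();
}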
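// Requests the public IP address from api.ipify.org over plain HTTP and copies
// the raw response to the serial console.
//
// The response is unauthenticated (no TLS), so it is only displayed and must
// not be used for any decision. Gives up if no data arrives within five
// seconds.
void GetExternalIP()
{
  const unsigned long kResponseTimeoutMs = 5000;

  WiFiClient client;
  if (!client.connect("api.ipify.org", 80)) {
    Serial.println("Failed to connect with 'api.ipify.org' !");
    return;
  }

  client.print("GET /?format=json HTTP/1.1\r\nHost: api.ipify.org\r\n\r\n");

  // Elapsed time is computed with unsigned subtraction. The earlier form
  // "timeout - millis() < 0" mixed int with unsigned long, so the result was
  // never negative and the timeout could not fire.
  const unsigned long sentAt = millis();
  while (client.available() == 0) {
    if (millis() - sentAt > kResponseTimeoutMs) {
      Serial.println(">>> Client Timeout !");
      client.stop();
      return;
    }
    delay(1);  // let the Wi-Fi stack run while waiting
  }

  // Copy the response in fixed-size chunks. A stack buffer replaces the
  // per-chunk malloc(), whose result was used without a null check.
  uint8_t chunk[128];
  while (client.available() > 0) {
    int got = client.read(chunk, sizeof(chunk));
    if (got <= 0) {
      break;
    }
    Serial.write(chunk, got);
  }
  client.stop();
}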