I've been building enterprise remote access systems for years, so when it came time to build my smart home I wanted to do it properly. Allowing remote access to your home automation carries quite a bit of risk. I wasn't happy with openHAB's suggested options, so I decided to make a video to show you how to do it securely using strong encryption, multi-factor authentication, and a web application firewall to protect your home from hackers. 📽️ First Video: Getting started with openHAB 📽️ Third Video: Fixing openHAB's Cloud Security ➡️ openHAB Website ➡️ Free Kemp LoadMaster ➡️ Duo Multi-Factor Authentication ➡️ FreeRADIUS ➡️ Freenom (Free Domain Names) ➡️ No-IP (Dynamic DNS) ➡️ OWASP ModSecurity Core Rule Set (WAF Rules) ➡️ Cloudflare Zero Trust ➡️ myopenHAB Cloud Service ➡️ openHAB's Official Remote Access Guide 💬 Follow Me Video timestamps: 0:00 - Introduction 0:27 - Don't Publish openHAB Directly 1:10 - openHAB Cloud / myopenHAB 2:08 - Passwords Are Not Safe 2:51 - VPNs & Nginx 3:42 - Introducing the Kemp LoadMaster 4:31 - DMZ for Better Security 5:01 - Choosing an Identity Provider 5:57 - Domain Names, DNS Records & IP Addresses 8:32 - Cloudflare Tunnels 9:40 - Solution Overview 10:47 - Kemp LoadMaster Deployment 14:35 - Port Forwarding (NAT) 15:44 - Obtaining a Public SSL Certificate 17:11 - Installing FreeRADIUS 19:26 - Installing Duo 25:41 - Configuring Authentication on Kemp 26:57 - Connecting Kemp to openHAB 27:34 - Multi-Factor Authentication in Action 28:21 - Web Application Firewall 30:06 - Bypassing Authentication Internally 31:00 - Another Security Problem #HomeAutomation #SmartHome #openHAB #CyberSecurity #MFA