fwiw I see both perspectives as having validity. Considering we're still in the 1st year, I think it's completely fair to use the 80/20 rule, there's so much to do when starting from scratch. That said, hopefully some of the remaining 20% of concerns can gradually be looked at in time.
Just a side note, I updated to 2.0.1 this morning and still have 1.1.7.120 as a roll back option. I never installed 2.0.0.102. I went straight to 2.0.0.104.
Reading through the forums I found out about this other page that allows you to reboot the Hub.
Please add that page to the feature request as well, I think moving the reboot function inside this page after securing it would be the best idea...
I do not want to go back to the discussion of if this is really insecure or not, no point to that as it all comes down to each one's opinion on security, just leaving the comment here in case this feature request is ever considered. I will just say that being able to halt your home's automation at will is not a good idea for example for people using HSM with windows and door sensors and notifications, etc.
Please don't take my disagreement as a slight. I have a very different view on HA at this stage of the game. I respect your point of view because we know the HA world needs to start getting a lot more security conscience as this industry becomes more mainstream.
But it is my belief, that if you are doing home automation at this moment in time, you are inherently exposing yourself to risk. This is why I have nothing that is life safety related dependent on my hubitat. Currently it only supplements these tools or provides an added level of convenience.
As such, it is my vote that we do NOT add the ability to reboot the hub behind another firewall. The ability to remotely reboot my hub is one of the features I love about Hubitat.
Again the above is simply my opinion and may be overruled by the majority...but I really hope that is not the case.
Even better, I just remoted to a PC where I have never used Hubitat from, to be sure I opened a browser and went to the hub and got the login page, closed it without logging in...
I executed the powershell line and my hub restarted.
So I did this instead:
$response = Invoke-WebRequest -Uri "http://ipaddress:8080/hub/restart" -Method Post
$response.RawContent
and I can confirm that indeed the page received is the login page, yet the hub does restart every time.
Btw, my tasker task did reboot the hub. I just ran the wrong one....so it's just another data point that the hub can be rebooted without authentication.
Again...no big deal...focus on other things...this can wait.
Right @gparra.
Lol, I guess this comes to show every single feature request has a potential negative impact on someone... its just impossible to please everyone, it does make these guys job a lot harder...
Security wins over convenience again...as it should...but it still hurts my heart.
Keeping my on you @gparra. Ready to auto-flag any "feature" requests. And now I got @SmartHomePrimer at my side in case I miss one. Make a request...I dare you.