WARNING TO OCTOPRINT USERS If you expose it to the web,

Bracken_Dawson · August 9, 2013, 1:17am

WARNING TO OCTOPRINT USERS

If you expose it to the web, do use access control. I just went round and stopped all the printers that google has crawled. I also set the webcam URL to a photo of Alabama man, set your feedrates really slow and uploaded a file called “what_if_I_had_set_the_temp_really_high.gcode”.

Personally I don’t think that’s enough, I’d like to be able to use something like .htacess too. Anyone know how to do this with octoprint?

Bracken_Dawson · August 9, 2013, 1:45am

Yea, I’m grey hat…

Andrew_Plumb · August 9, 2013, 2:15am

…and if someone doesn’t quite seem to “get it”, just point them at http://xkcd.com/924/

Aaron_Kartash · August 9, 2013, 9:35am

Hmm, Maybe I will stay away from Octoprint for a while

Bracken_Dawson · August 9, 2013, 10:06am

@Aaron_Kartash It’s fine on your LAN, just don’t forward that port unless you know what you are doing.

I actually really like it, works great with my printer.

foosel · August 9, 2013, 11:08am

@Aaron_Kartash It isn’t OctoPrint’s fault when people make it accessible from all around the world without thinking. That’s as if blaming a car/car manufacturer for cars being stolen when people leave the doors unlocked and the keys in the ignition. Just don’t forward some port on your router to your Pi (or enable access control when you do) and you’ll be fine. I’ve been repeating this over and over the past couple of months since starting on OctoPrint (plus “do not run it as root”), but it looks like I’ll have to invest some time just to save users and their printers from their own stupidity now.

Aaron_Kartash · August 9, 2013, 11:53am

Okay, I think I will try and play around with it more then, I was trying to get octopi working yesterday with no luck.

Gregor_Luetolf · August 11, 2013, 1:54pm

@Bracken_Dawson how to reset the feedrates to normal speed? thx

foosel · August 11, 2013, 2:44pm

@Gregor_Luetolf Settings > Printer Parameters: http://imgur.com/SaHtaGe

Gregor_Luetolf · August 11, 2013, 3:31pm

@foosel Thanks, found it meanwhile in the wiki. Git pull and enabled access control after adding server realm to the config

foosel · August 11, 2013, 3:34pm

@Gregor_Luetolf sounds good, glad you found it.

Gregor_Luetolf · August 11, 2013, 3:35pm

@foosel will update the other 4 installations tomorrow in office^^

foosel · August 11, 2013, 3:38pm

remember, as long as you do not make them available via the internet, you don’t have to have access control enabled – still, regular updates are always a good idea ,)

Gregor_Luetolf · August 11, 2013, 3:40pm

@foosel I did get that, but I don’t know what network configurations the schools will have where we move the printers from time to time temporary.