Acessing web server from remote networks

Hi everyone,

Im currently working on a project to turn on/off heaters in a greenhouse remotely.
Im using esp 12-E board that has wi-fi chip integrated and a couple of electromagnetic relays.
My goal is probably obvious from the first sentence: User should be able to turn heaters on/off remotely pressing buttons on a website. Im using the board as a web server and to control the relays.
Ive came up with some code by searching the similar projects and using a little of knowledge that I have and made a model of a project: turning the LED on/off via the board and relays. It works fine when Im accessing the website from LAN but Im not sure how to access it from remote networks?
Thanks for all your help in advance.

P.S.
The code I used is below:

#include <ESP8266WiFi.h>

const char* ssid = "xxxxxx";
const char* password = "xxxxxx";

int ledPin = 16;
WiFiServer server(80);

void setup() {
  Serial.begin(115200);
  delay(10);

  pinMode(ledPin, OUTPUT);
  digitalWrite(ledPin, LOW);

  // Connect to WiFi network
  Serial.println();
  Serial.println();
  Serial.print("Connecting to ");
  Serial.println(ssid);

  WiFi.begin(ssid, password);

  while (WiFi.status() != WL_CONNECTED) {
    delay(500);
    Serial.print(".");
  }
  Serial.println("");
  Serial.println("WiFi connected");

  // Start the server
  server.begin();
  Serial.println("Server started");

  // Print the IP address
  Serial.print("Use this URL to connect: ");
  Serial.print("http://");
  Serial.print(WiFi.localIP());
  Serial.println("/");

}

void loop() {
  // Check if a client has connected
  WiFiClient client = server.available();
  if (!client) {
    return;
  }

  // Wait until the client sends some data
  Serial.println("new client");
  while (!client.available()) {
    delay(1);
  }

  // Read the first line of the request
  String request = client.readStringUntil('\r');
  Serial.println(request);
  client.flush();



  // Set ledPin according to the request
  //digitalWrite(ledPin, value);
  int value = LOW;
  // Return the response
  client.println("HTTP/1.1 200 OK");
  client.println("Content-Type: text/html");
  client.println(""); // do not forget this one
  client.println("<!DOCTYPE HTML>");
  client.println("<html>");

  client.println("

");
  client.println("<a href=\"/LED=ON\"><button>ON</button></a>");
  client.println("<a href=\"/LED=OFF\"><button>OFF</button></a></p>");
  client.println("</html>");

  // Match the request

  if (request.indexOf("/LED=ON") != -1) {
    digitalWrite(ledPin, HIGH);
    value = HIGH;
    delay(1000);
    
  }
  if (request.indexOf("/LED=OFF") != -1) {
    digitalWrite(ledPin, LOW);
    value = LOW;
  }

  client.print("Led pin is now: ");

  if (value == HIGH) {
    client.print("On");
  } else {
    client.print("Off");
  }

  

}

You will need to configure your router to pass incoming port 80 traffic to your ESP device. That'll be router specific. You probably want to give the ESP a static IP address within your local wifi - router config again.

It's likely that your external IP address (That you can see alongside your posts on this forum) is not static either. You can test it using whatever it happens to be just now, but eventually you'll need a service like dyndns to keep track of it for you.

I came upon router config somewhere but I couldnt figure out my router username and password so not sure how I can change config without those 2?

It's often printed on a panel on the router (assuming you have access to it). You might have to perform a (router specific) factory reset to make those credentials valid again though.

Have you considered using the "Blynk" app? That will take care of these problems for you. You won't even need the router password.

Paul this is first time Im hearing about that app but Ill definately check it out. Not sure if it will support this board though since I dont think its that common or maybe Im wrong. If its working I can see it making my life much easier. Ill let you know how it goes tomorrow. Ive read somewhere while I was searching how to find router UN and PW that reseting may disrupt settings and then it wont work or something like that?

If your board is esp8266 based then it should work with Blynk.

tuadru: Ive read somewhere while I was searching how to find router UN and PW that reseting may disrupt settings and then it wont work or something like that?

It will reset the router to factory defaults, so any changes you made to the configurations (like a PPPoE password to connect to your ISP, like mine still requires) or other port forwarding settings and internal IP tables will be lost.

It sounds like you don't know the router's login credentials, which usually means it's not your router and/or you don't have the permission from the router owner to mess around with it. So the Blynk app (using a remote MQTT server) is the way to go for you.

Thanks a lot guys will definately try Blynk today and let you know how it goes.

on a side note.

I think it would be in your best interest to find out the kind of security you have in your own home.

Not knowing your own routers' login credentials is a big deal. (especially if you have never reset/changed it form the stock/factory settings) :(

You also not being able to figure this out makes me skeptical if you should even be doing stuff like this.. (with heaters..etc)

UPDATE:

I tried Blynk and it works fine. Wish I knew about it earlier the code is much simpler.

xl97 Im not sure why it would be a big deal since not many of us here do know that and I never had need to use them so far? Also dont know what does not knowing how to open IP to other networks has to do with heaters since its different area all together as was mentioned here? Same project could probably be done with 10 different kinds of communications.

If you keep the factory username/password.. then EVERYONE KNOWS IT!..

Does that sound safe? or secure?

Secure enough for little script kiddies port checking and eventually getting access to turn on these heaters all/day night by themselves? (because thats a VERY real world scenario).

If when you signed up for a bank account the default password given is abc:123 would you change it? or would you just leave it? knowing its the same for everyone else too? (or your email account?)

And I 10000% do NOT buy this statement: "since not many of us here do know that"

I would say (and not just hope) many of the users here DO know their own routers username and password, and do NOT just leave it to factory settings. Most of the members are somewhat technically savvy.

Do some searches on IoT horror stories.... that came without any security and left with the default username/passwords. (turning on IoT coffee pots that started fires..etc) and the list goes on and on! :)

This is just common practice and not some magic thing to do. (matter of fact most routers/modems documentation tell you to change it from the default settings to avoid such things)

tuadru: \xl97 Im not sure why it would be a big deal since not many of us here do know that and I never had need to use them so far? Also dont know what does not knowing how to open IP to other networks has to do with heaters since its different area all together as was mentioned here?

If you want to deal with IP networks, even just Blynk, you have to know the basics of IP networks. That include basics on securing them.

Blynk is using an external MQTT server. Do you trust that server? Do you know whether the person who operates it will keep your connection secret and safe? Anyone that has your codes can start sending commands to your IoT things. Switch on heaters and lights, costing you money (power bills). Switching off your fridge, make your food go bad. Maybe use it as entry to your home network, install a keylogger on your PC, sniff out your banking details, and drain your account (and that's not too far fetched, really).

Indeed there are many different options of doing such communications and all of them have their pros and cons on convenience, cost, functions, etc. It's your job as systems designer to be well aware of potential risks.

By the way, I for one do know my router's login credentials, and how to reset them were I to forget it (and I expect most of the regular contributors here do as well). I also use this regularly, I have by now a long list of ESP module's MAC addresses and local IP addresses linked to them set in the router. It's really a good idea to give your modules a fixed IP address, so you know which one you're talking to.

Let me clarify what I meant by “here” - Im not from the US or wherever You guys are from and I assure You 90% of people dont know their router credentials here. That being said the network I plan to connect heaters to is just the network of that green house that was used to connect phones on the internet and I dont see why anyone would want to hack it? I know its probably weird for you since I really believe you know dozen of cases of hacking and stuff but I assure you that personally I havent come across a single case of hacking or heard of one in my surroundings. That being said I will change my password if you think it will help but if someone was really intent on hacking my network I cant see that a simple change of password would stop him if he knows what he is doing.

P.S.
I really appriciate your concern guys I know you mean well and thanks for all the help and advices. If anything Ive learnt a couple of new things that will definately come in handy in future projects that are more compelx than this one.
Also Ive changed my password so Im at least a bit more secured than I was 5 minutes ago I guess? :slight_smile:
This is the first time Im doing project that requires long distance communications, until now Ive done the ones that use short distance stuff like NRF so I really didnt have any opportunity to learn about IP and security and stuff. Ill definately dive into it a little more now.

wvmarle:
Blynk is using an external MQTT server. Do you trust that server? Do you know whether the person who operates it will keep your connection secret and safe? Anyone that has your codes can start sending commands to your IoT things.

my conspiracy theory side (not may ancient alien theory side) is worried that the Chinese chip ESP8266 has an easter egg. a type of stuxnet… waiting for ‘that’ day…

tuadru: Let me clarify what I meant by "here" - Im not from the US or wherever You guys are from and I assure You 90% of people dont know their router credentials here.

I think >90% of people anywhere in the world that have a home router don't know the credentials. They don't need to, they don't care. My wife and kid don't know, so in my 3-person household that's already almost 67%.

That's why there are people like you and me - the tinkerers that set up the networks, and that know those things. Well, maybe not you...

That being said the network I plan to connect heaters to is just the network of that green house that was used to connect phones on the internet and I dont see why anyone would want to hack it?

That's the attitude that's getting us this terrible mess of poorly or not secured devices. You'd be surprised what a bad actor can do with a botnet of smart fridges. That's why everyone (and that includes you) has to do their little thing to keep at least their own devices secured. Besides, with all those poorly secured devices out there it's easy to be better secured than the rest of the pack, just like locking your bike: you don't have to lock it good, as long as you lock it better than the one parked next to you.

dave-in-nj: my conspiracy theory side (not may ancient alien theory side) is worried that the Chinese chip ESP8266 has an easter egg. a type of stuxnet.... waiting for 'that' day....

You never know... Intel recently had two of them exposed. Sure they call it a bug, but was it?

dave-in-nj: my conspiracy theory side (not may ancient alien theory side) is worried that the Chinese chip ESP8266 has an easter egg. a type of stuxnet.... waiting for 'that' day....

I like the way you think! LOL