So, you’ve got your shiny new printer, and just installed OctoPrint, great! Being able to remotely monitor your print is a fantastic ability. Being able to start a print remotely is incredibly handy. From within the realm of your local network, you have a ton of power at your finger tips. What if you want to be able to do this when you’re not on your local network? You could just forward ports on your router, use a DDNS service, and you’re good to go, right? … wrong.
The ISC (Internet Storm Center) recently published an article about OctoPrint instances exposed to the public internet. While it is possible that a percentage of the instances found are unintentionally exposed, the vast majority is very likely users who have gone out of their way to expose OctoPrint to the public internet for the sake of convenience. There are safer ways to access your instance remotely than blind port forwarding. This is a critical issue that needs to be discussed. We as a community have to get the right information to new and/or uninformed users, to prevent a catastrophy from happening.
Putting OctoPrint onto the public internet is a terrible idea, and I really can’t emphasize that enough. Let’s think about this for a moment, or two, or even three. OctoPrint is connected to a printer, complete with motors and heaters. If some hacker somewhere wanted to do some damage, they could. Most printers can have their firmware flashed over USB. So as soon as the box hosting OctoPrint is comprimised, there go any failsafes built into the firmware. All one would have to do, is flash a new, malicious firmware with no safeguards, over USB, and then tell the printer to keep heating, leading to catastrophic failure. Of course there are other reasons to not have an OctoPrint instance available on the public internet, such as sensitive data theft, but catastrophic failure is by far the worst case scenario here.
So, with that said, how can we accomplish remote access to monitor or control a printer, without putting OctoPrint on the public internet for everyone to abuse? This guide will show you how.