Regarding the server instructions, and the suggestion to turn on 'Non-LAN' authentication:
Set Authentication to be Non-LAN only. Leave Use secure session keys and login page unchecked. The secure session option uses HTTP_DIGEST_AUTHENTICATION, which isn't fully supported throughout the Home Assistant codebase yet. Also, in the case you want to use Casting and/or Streaming, some media player devices don't support using authentication.
I've had success with requiring authentication for "All Connections" + secure session keys (Settings>WebServer>Advanced)
I'm using the IP Address limit rule to set my home assistant IP (set up as static on my LAN) with automatic admin user, e.g:
^192.168.1.123
^ allow this address without authentication using the account ‘admin’; this account must exist and it must be enabled (use caution here).
Context:
I'm only using HA with Blue Iris for mobile notifications with image attachments, but I can see with the above settings, that HA can access the images still, and can also stream live-feeds in lovelace camera views too. Perhaps the above won't work for the likes of casting etc, but this might be a good suggestion for people that are mainly using HA for notifications, or have reverse proxy's such as https://github.com/elad-bar/ha-blueiris/issues/23
I believe the above now saves me worrying about someone accessing my LAN and having free roam on my entire NVR!
Regarding the server instructions, and the suggestion to turn on 'Non-LAN' authentication:
I've had success with requiring authentication for "All Connections" + secure session keys (Settings>WebServer>Advanced)
I'm using the IP Address limit rule to set my home assistant IP (set up as static on my LAN) with automatic admin user, e.g:
^192.168.1.123From Blue Iris' PDF:
Context: I'm only using HA with Blue Iris for mobile notifications with image attachments, but I can see with the above settings, that HA can access the images still, and can also stream live-feeds in lovelace camera views too. Perhaps the above won't work for the likes of casting etc, but this might be a good suggestion for people that are mainly using HA for notifications, or have reverse proxy's such as https://github.com/elad-bar/ha-blueiris/issues/23
I believe the above now saves me worrying about someone accessing my LAN and having free roam on my entire NVR!