Upcoming Security Enhancements to Vera Platform

As part of our ongoing commitment to platform hardening and robustness, we are deploying several security enhancements in the coming months. Beginning with our 7.27 release (Beta begins mid-March), all Vera controllers will be secured by default, which means that:

[ul][li]Ports 22, 80, 443, 3480, and 49451 will be blocked on all the network interfaces, except the local loopback interface (localhost /[/li][/ul]

[ul][li]The RunLua action will be disabled, by default.[/li][/ul]

Below are the most common plugin issues encountered after this upcoming security enhancement, and the proposed solutions:

[ul][li]Issue: data_request?id=action&action=RunLua&Code=luup.variable_set(…)[/li][/ul]


[ul][li]Issue: data_request?id=action&action=RunLua&Code=luup.call_action(…)[/li][/ul]


[ul][li]Issue: requests on port 3480 / 49451[/li][/ul]


As a participating MiOS/Vera plugin author, you are receiving this email as a heads-up that your plugin will require an update, based on our code review. We have allocated internal resources within the Connected Objects Team to actively support our developer community through this transition.

As always, should you have any questions, comments, or concerns, please do not hesitate to be in touch via the expedited email address below. We will answer all requests on a first come, first served basis.

Thank you for your participation, patience, and continued support. Have questions ? app_updates@mios.com