How can I disable the new web app controller?
I don’t want direct access to my sonos system from over the internet. Moreover, I don’t want hackers to be able to control the speakers in my home if they gain access to my login credentials.
This topic has been closed for further comments. You can use the search bar to find a similar topic, or create a new one by clicking Create Topic at the top of the page.
I haven’t tried it, but doesn’t it require you to be on your local LAN? That would restrict use to those on your WiFi….
Hmmm. Just read an article that suggests what I said is not true. So I don’t know, unfortunately. I’ve not seen a flag in my iOS controller, but I’m sure I haven’t explored the whole thing yet. Hopefully, a moderator will see this, and give us the straight scoop.
The only way I found was to switch off the desktop setting in the browser. In any event the Web app became persistently useless with this crash message:
Utter rubbish.
To clarify: I don’t want the Web App controller (available at https://www.sonos.com/en-us/controller-app) to work remotely - from anywhere.
To test: Today, I took a computer to a coffee shop. Before leaving I turned on local radio station on my sonos. At the coffee shop, I clicked the web app link and logged into my account. I was able to access my sonos system and to turn off the local station.
I don’t want me - or anyone - to be able to access my home sonos setup through the sonos website.
A hacker that gains access to my credentials can log into my system.
Even more frustrating is that sonos does not ask for complicated passwords beyond (1) at least 8 character(s) and (2) does not contain part of username. That’s it! They don’t offer 2-Factor Authentication. (I just tested the use of password as the password, and it accepted it!) This is not secure.
I did not opt-in to my devices being hosted in the cloud.
Previously, access to my system required that I be on the same network as the system. At least then someone that wanted to hack my system had to be physically near my house and have access to my network.
Instead now, sonos has decided that it will increase potential access without informing owners and providing adequate security.
In sum, I don’t want access to my sonos through the “try the web app” option that is available on the sonos website pictured above.
To anyone: Is there a way to turn off the web access? (short of unplugging my device, sonos tech support says no)
I cannot understand Sonos did this. They must be stupid putting our equipment online. It is a way straight into my network with very little protection. When I found out I had to put them on a VLAN without internet access. The old app worked perfectly using udpbroadcastrelay, the new app do not discover the speakers from another VLAN which it used to do.
I have stopped streaming so that is OK, not having any internet access, I have instead a Navidrome server with a docker service called bonob that exposes the music library from Navidrome to the old Sonos app. This works perfectly.
If I was forced to use the new app I had to throw it all away. It is completely unusable. This will work for a period, and Sonos does not seem to recognise what they have done, they continue on the road to ruin. When I no longer can use the old app I will have to throw away everything Sonos. I have started by throwing away my Beam.
I will never in my life buy a product from Sonos again.
Blocking this domain in my pihole seems to prevent the web app working
lechmere-v1.sslauth.sonos.com
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.