AM SoftwareOpen Source

OctoPrint addresses security concerns with safe remote 3D printer access guide

The ISC recently reported that thousands of OctoPrint interfaces were publicly facing the internet.

Stay up to date with everything that is happening in the wonderful world of AM via our LinkedIn community.

Despite the fear mongering surrounding 3D printed guns that has dominated most 3D printing-related discourse in the mainstream media lately, there are certain, much more real and immediate safety concerns within additive manufacturing. As the Internet Storm Center (ISC) recently reported, one of those concerns comes from users of 3D printer monitoring software OctoPrint.

According to the report, over three thousand OctoPrint interfaces are currently publicly facing the internet, meaning they are at risk for IP theft or leaks of 3D printable files, compromised 3D models and even of having their webcams hacked.

Thankfully, it’s not necessary to stop using the open source 3D printing remote access software, only to use it with more precautions. In response to the report, OctoPrint recently published a guide to keeping your private information and 3D printing files safe while using the popular tool.

It reads:

“Putting OctoPrint onto the public internet is a terrible idea, and I really can’t emphasize that enough. Let’s think about this for a moment, or two, or even three. OctoPrint is connected to a printer, complete with motors and heaters. If some hacker somewhere wanted to do some damage, they could. Most printers can have their firmware flashed over USB. So as soon as the box hosting OctoPrint is comprimised, there go any failsafes built into the firmware. All one would have to do, is flash a new, malicious firmware with no safeguards, over USB, and then tell the printer to keep heating, leading to catastrophic failure. Of course there are other reasons to not have an OctoPrint instance available on the public internet, such as sensitive data theft, but catastrophic failure is by far the worst case scenario here.”

The post goes on to describe a number of ways to users can remotely monitor their 3D prints using OctoPrint without putting the program on the public internet. The easy way, it says, is to use plugins, such as Polar Cloud, OctoPrint Anywhere, OctoPrint-DiscordRemote and Telegram.

“Remote access via a plugin is certainly the easiest way for you to access your instance and control/monitor your printer,” the post reads. “Unless you really know what you’re doing, this is very likely the method that you’re going to want to be using. There are a few different options available that accomplish remote access, without opening up OctoPrint to the rest of the world.”


More advanced users can also protect OctoPrint from abuse using advanced access methods, including VPNs and Reverse Proxy. If one of these workarounds is used, guest author [Jubaleth] recommends putting the VPN or Reverse Proxy onto a separate physical box connected to the 3D printer.

“All in all, there are many ways one can safely access an OctoPrint instance remotely, that do not involve blindly forwarding ports on your router and putting yourself at risk,” the post concludes. “Anything with the potential to burn down your house should be treated with the utmost care. It may seem more convenient to cut corners… but is it really worth it?”

Composites AM 2024

746 composites AM companies individually surveyed and studied. Core composites AM market generated over $785 million in 2023. Market expected to grow to $7.8 billion by 2033 at 25.8% CAGR. This new...

Tess Boissonneault

Tess Boissonneault is a Montreal-based content writer and editor with five years of experience covering the additive manufacturing world. She has a particular interest in amplifying the voices of women working within the industry and is an avid follower of the ever-evolving AM sector. Tess holds a master's degree in Media Studies from the University of Amsterdam.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Close Popup
Privacy Settings saved!
Privacy Settings

When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. Control your personal Cookie Services here.

These cookies are necessary for the website to function and cannot be switched off in our systems.

Technical Cookies
In order to use this website we use the following technically required cookies
  • wordpress_test_cookie
  • wordpress_logged_in_
  • wordpress_sec

Decline all Services
Accept all Services


Join our 12,000+ Professional community and get weekly AM industry insights straight to your inbox. Our editor-curated newsletter equips executives, engineers, and end-users with crucial updates, helping you stay ahead.