Tags: wifi, mqtt, iot, esp8266, adafruit

Is subscribing to MQTT on port 1883 secure?


I am breaking into making my own IoT tech and am using an ESP8266 with C/C++. I have set up a program which allows me to toggle a relay using Google Assistant through gbridge.io. I have it subscribed using MQTT to gbridge, which tells it when to toggle the switch. Unfortunately I am very new to dealing with network-related things, so this is probably worded incorrectly. It listens (I think that is the right word) to port 1883. I am using this method as I don't want to open a port on my home router. By listening to port 1883, is there any way that my router is exposed or my network vulnerable? This code comes from the Adafruit MQTT Library Examples.

#include <ESP8266WiFi.h>
#include "Adafruit_MQTT.h"
#include "Adafruit_MQTT_Client.h"

/************************* WiFi Access Point *********************************/

const char* WLAN_SSID = "SSID";
const char* WLAN_PASS = "password";

/************************* Adafruit.io Setup *********************************/

#define AIO_SERVER      "mqtt.gbridge.io"
#define AIO_SERVERPORT  1883                   // use 8883 for SSL
#define AIO_USERNAME    "gbridge-username"
#define AIO_KEY         "mqtt password"

/************ Global State (you don't need to change this!) ******************/

// Create an ESP8266 WiFiClient class to connect to the MQTT server.
WiFiClient client;
// or... use WiFiClientSecure for SSL
//WiFiClientSecure client;

// Setup the MQTT client class by passing in the WiFi client and MQTT server and login details.
Adafruit_MQTT_Client mqtt(&client, AIO_SERVER, AIO_SERVERPORT, AIO_USERNAME, AIO_KEY);

/****************************** Feeds ***************************************/

// Feed for publishing the relay's state back to gbridge.
Adafruit_MQTT_Publish onoffset = Adafruit_MQTT_Publish(&mqtt,"on off set link");

// Feed for subscribing to on/off commands from gbridge.
Adafruit_MQTT_Subscribe onoffbutton = Adafruit_MQTT_Subscribe(&mqtt,"on off link");

/*************************** Sketch Code ************************************/
const int RELAY_PIN = 5;   // GPIO5 (D1 on NodeMCU) drives the relay

// Connect and reconnect as necessary to the MQTT server.
void MQTT_connect() {
  if (mqtt.connected()) return;
  int8_t ret;
  while ((ret = mqtt.connect()) != 0) {   // connect() returns 0 when connected
    Serial.println(mqtt.connectErrorString(ret));
    mqtt.disconnect();
    delay(5000);                          // wait before retrying
  }
  Serial.println("MQTT Connected!");
}

void setup() {
  Serial.begin(115200);
  pinMode(RELAY_PIN, OUTPUT);
  WiFi.begin(WLAN_SSID, WLAN_PASS);
  while (WiFi.status() != WL_CONNECTED) delay(500);
  mqtt.subscribe(&onoffbutton);           // register the subscription before connecting
}

void loop() {
  MQTT_connect();                         // outbound connection to the broker; nothing listens locally
  Adafruit_MQTT_Subscribe *sub;
  while ((sub = mqtt.readSubscription(5000))) {   // wait up to 5 s for a message
    if (sub == &onoffbutton) {
      const char *value = (char *)onoffbutton.lastread;   // gbridge OnOff payload: "1" or "0" (assumed)
      digitalWrite(RELAY_PIN, strcmp(value, "1") == 0 ? HIGH : LOW);
      onoffset.publish(value);            // report the new state back
    }
  }
  if (!mqtt.ping()) mqtt.disconnect();    // keep-alive; broker drops idle clients
}

Update August 2020: gbridge has shut down its servers


Solution

  • Port 1883 is commonly used for unsecured MQTT. This has nothing to do with your router or network being vulnerable. What it means is:

    • you can't be sure that the MQTT server you connected to is the one you meant to
    • an intermediate party can eavesdrop on your MQTT communication

    When you run MQTT over SSL, SSL will verify that the connection is encrypted using a certificate belonging to the domain name that you were trying to connect to. The two ends will also encrypt all traffic so that an observing party will be unable to eavesdrop.

    MQTT over SSL is commonly run on port 8883.

    None of this compromises your network or endangers your router. It only affects the communication between the MQTT client and broker.

    Your MQTT client is not listening on port 1883 - it's connecting to port 1883 on the broker. The broker is the one listening on port 1883 - that's why you don't have to open a port on your router.

    In the code you quoted above, you'd need to use WiFiClientSecure instead of WiFiClient. You'd also need to provide a certificate or fingerprint for the server you're connecting to. But that's a different question from the one you asked; if you need help with it that would belong in a separate post.
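As an added example (not part of the question or the answer, and not gbridge's or Adafruit's own code), here is the connection setup from the question moved to port 8883 with the broker's certificate actually verified, which is the change the answer describes. On port 1883 the MQTT CONNECT packet carries AIO_USERNAME and AIO_KEY in the clear, so anyone on the path can read them; TLS with chain and hostname verification closes both gaps the answer lists. Assumptions: the hostname from the question is kept only for illustration (gbridge no longer exists), the root CA PEM is a placeholder you must replace with the one that signed your broker's certificate, the device can reach public NTP servers, and it runs the ESP8266 Arduino core with its BearSSL-based WiFiClientSecure.

```arduino
#include <ESP8266WiFi.h>
#include <WiFiClientSecure.h>
#include <time.h>
#include "Adafruit_MQTT.h"
#include "Adafruit_MQTT_Client.h"

const char* WLAN_SSID = "SSID";
const char* WLAN_PASS = "password";

#define AIO_SERVER      "mqtt.gbridge.io"   // hostname from the question, kept for illustration only
#define AIO_SERVERPORT  8883                // MQTT over TLS instead of 1883
#define AIO_USERNAME    "gbridge-username"
#define AIO_KEY         "mqtt password"

// Root CA that signed the broker's certificate. PLACEHOLDER (assumption): obtain the
// real PEM from the broker operator or `openssl s_client -showcerts` and paste it here.
static const char BROKER_ROOT_CA[] PROGMEM = R"EOF(
-----BEGIN CERTIFICATE-----
...paste the broker's root CA certificate here...
-----END CERTIFICATE-----
)EOF";

// Weaker alternative: pin the SHA-1 fingerprint of the broker's leaf certificate.
// Needs no clock, but breaks every time the broker renews its certificate.
// const char BROKER_FINGERPRINT[] = "AA:BB:CC:...";  // placeholder, not a real value

BearSSL::X509List trustAnchors(BROKER_ROOT_CA);
BearSSL::WiFiClientSecure client;   // TLS client in place of the plain WiFiClient
Adafruit_MQTT_Client mqtt(&client, AIO_SERVER, AIO_SERVERPORT, AIO_USERNAME, AIO_KEY);

Adafruit_MQTT_Subscribe onoffbutton = Adafruit_MQTT_Subscribe(&mqtt, "on off link");

// Certificate validation checks notBefore/notAfter, so the ESP8266 needs real
// wall-clock time before the first handshake. Block until NTP has set the clock.
void syncClock() {
  configTime(0, 0, "pool.ntp.org", "time.nist.gov");
  time_t now = time(nullptr);
  while (now < 8 * 3600 * 2) {       // still near the 1970 epoch: not synced yet
    delay(500);
    now = time(nullptr);
  }
}

void MQTT_connect() {
  if (mqtt.connected()) return;
  int8_t ret;
  while ((ret = mqtt.connect()) != 0) {
    Serial.println(mqtt.connectErrorString(ret));
    // If the TLS layer refused the connection, print why: a chain that does not
    // link to the trust anchor or a hostname mismatch both end up here.
    char err[80];
    client.getLastSSLError(err, sizeof(err));
    Serial.print("TLS: "); Serial.println(err);
    mqtt.disconnect();
    delay(5000);
  }
  Serial.println("MQTT connected over TLS");
}

void setup() {
  Serial.begin(115200);
  WiFi.begin(WLAN_SSID, WLAN_PASS);
  while (WiFi.status() != WL_CONNECTED) delay(500);

  syncClock();

  // Verify the broker's chain against the CA above; the hostname check uses
  // the name handed to connect(), i.e. AIO_SERVER.
  client.setTrustAnchors(&trustAnchors);
  // client.setFingerprint(BROKER_FINGERPRINT);  // the weaker pin-by-fingerprint option
  // client.setInsecure();  // DO NOT ship this: accepts any certificate, same exposure as 1883

  mqtt.subscribe(&onoffbutton);
}

void loop() {
  MQTT_connect();
  Adafruit_MQTT_Subscribe *sub;
  while ((sub = mqtt.readSubscription(5000))) {
    if (sub == &onoffbutton) {
      Serial.print("Got: "); Serial.println((char *)onoffbutton.lastread);
    }
  }
  if (!mqtt.ping()) mqtt.disconnect();
}
```

If the placeholder CA is left in place the X509List is empty and the handshake fails with a "could not link to trust anchor" style error rather than silently connecting, which is the failure mode you want. Prefer the trust-anchor form over setFingerprint: a fingerprint pins one leaf certificate and has to be re-flashed whenever the broker rotates it, while a root CA survives renewals. The outbound-only nature of the connection is unchanged: the ESP8266 still opens the TCP connection to the broker, so no router port needs forwarding.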