For security purposes, is it possible to disable the APIs that can communicate via js/browser requests and only retain the C API?
Otherwise, anyone on the local network could play with your zway settings using only a browser and the right url/command.
Disable Browser API Calls for Security
Re: Disable Browser API Calls for Security
You can easily disable any network requests (or restrict them to specific hosts) with iptables rule.