What about security issues? How am I exposed if I do port forwarding as described?
By creating a port forward, you are allowing the public internet to connect to port 80 ( http ) or port 443 ( https ) on your heatermeter, depending on which port you've forwarded.
The security implications are that if someone / something manages to gain full access to your heatermeter via logging with the username and password of your heatermeter, they are now inside your home network.
If you choose to create the port forward on port
80/http, which is the most common port, you need to realize that everything over port 80/http is sent in clear text. This means that there is no encryption, and even though you have username and password set on the heatermeter, the username and password are also transmitted in clear text over the internet.
If you choose to create the port forward on port
443/https, you are now using a secure channel, but your browser will throw up some warnings letting you know that the security certificate on the heatermeter doesn't match website you're trying to reach. The trade off in the annoying security warning is that the data between the browser and the heatermeter is fully encrypted and not transmitted in clear text over the public internet.
You just tell your browser to visit
https://dynamic.dns.name instead of
http://dynamic.dns.name