no management interface on WAN

Discussion in 'Ideas' started by BayMitch, Oct 11, 2017.

no management interface on WAN 5 5 8votes
5/5, 8 votes

  1. BayMitch

    Joined:
    Sep 3, 2013
    Messages:
    13
    Likes Received:
    5
    Hi all,

    from security perspective its strange that the management interface is reachable from internet, even it's coded by SSL.
    Make it possible to close the management page from internet, maybe an other port for only management.

    Best regards Remko Schenk.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    dyoung5 likes this.
  2. Sopock

    Sopock Member

    Joined:
    Jul 11, 2012
    Messages:
    447
    Likes Received:
    20
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Silly English Kniggit

    Joined:
    Sep 13, 2017
    Messages:
    220
    Likes Received:
    85
    Why not just set a main admin username of something other than "admin", use a long secure password, and remember that it locks out after 3 failed attempts to login from any IP in a given time period. You can make the lockout period years long.
    If you REALLY need to block it, then handle that by URL blocking on the firewall in front of it.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    jeroendebruijn likes this.
  4. BayMitch

    Joined:
    Sep 3, 2013
    Messages:
    13
    Likes Received:
    5
    Hi guys,

    Thanks for the suggestions.
    The first suggestion is not supported by 3CX so i will not implement that in production environments, for tests in test environments its nice.
    The second suggestions are the normal settings that you always set in an installation. URL blocking sounds nice but most customers do not have a second generation firewall.

    Thanks for the suggestions and vote on this idea if you also see that its a security breach.

    greets Remko
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. lorenzobraun

    Joined:
    Nov 13, 2017
    Messages:
    1
    Likes Received:
    1
    I agree. Voted!
     
    BayMitch likes this.
  6. Jeremy Mulder

    Joined:
    Mar 28, 2017
    Messages:
    1
    Likes Received:
    1
    I agree and have voted.
     
    BayMitch likes this.