Reference:Configuration/General/HTTP-Server: Difference between revisions

From innovaphone wiki
Jump to navigation Jump to search
(New page: Advanced, security-related settings of the VoIP device can be made. * '''Disable HTTP basic authentication:''' The logon data is transmitted in plain text as standard, and is thus suscept...)
 
 
(6 intermediate revisions by 3 users not shown)
Line 1: Line 1:
Advanced, security-related settings of the VoIP device can be made.
The internal HTTP server allows web access to the device.


* '''Disable HTTP basic authentication:''' The logon data is transmitted in plain text as standard, and is thus susceptible to recording and eavesdropping. To avoid this weak point, it is recommended that you disable standard authentication (with user name and password) and use digest hash authentication instead.
== Configuration ==
* '''Password protect all HTTP pages:''' Apart from the start page Configuration/General/Info, all areas of the user interface require the entry of the administrator user ID. If you enable this check box, a password is compulsory for all pages of the device.<br>
* '''Port:''' The standard entry here is HTTP Port 80. It can be changed (for example, 8080). The device is then accessible via this port only (for example, <IP of the device>:8080).
* '''Allowed stations:''' Access to the device can be restricted to a particular network area (for example, 192.168.0.0 / 255.255.0.0) or to a particular network address (for example, 192.168.0.23 / 255.255.255.255).


In addition, all active HTTP sessions are displayed under the Active HTTP sessions section.<br>
{|
For example: From 172.16.1.49 To /HTTP0/info.xml No 22.
|valign=top nowrap=true|'''Disable HTTP basic authentication:'''
|For HTTP basic and digest authentication is supported by the device. With basic authentication the password is transmitted as clear text, which is a security risk if the someone can listen to this coummunication. Digest authentication only transmits a hash code of the password which is of no use for a listener. To avoid the vulnerability of the basic authentication it can be disabled, but some applications may not support the digest authentication, which in turn do not work anymore if basic authentication is disabled.
|-
|valign=top nowrap=true|'''Password protect all HTTP pages:'''
|Apart from the start page Configuration/General/Info, all areas of the user interface are password protected. If this checkmark is set all pages (except public compact flash areas) are password protected.
|-
|valign=top nowrap=true|'''Port:'''
|As default port 80 is used for HTTP. With this field it can be changed to any other value (e.g. 8080).
|-
|valign=top nowrap=true|'''Allowed stations:'''
|Access to the device can be restricted to a particular network (for example, 192.168.0.0 / 255.255.0.0) or to a particular host (for example, 192.168.0.23 / 255.255.255.255).
|-
|valign=top nowrap=true|'''Public compact flash access:'''
|Access to the compact flash generally needs authentication ( user and password ). If parts of the compact flash shall be accessed without authentication a list with the path and the access rights ( read or write ) can be configured. The access rights of longest match of the list is used. Example: If the compact flash drive is used for a update script in the directory <code>script</code> and the backups are stored in a directory <code>backup</code> the configuration could be <code>/drive/cf0/script/ read</code> and <code>/drive/cf0/backup/ write</code>
|}
 
== Status ==


All active HTTP sessions are displayed under the Active HTTP sessions section. The table shows for each session the clients IP address, the most recently accessed URL and the number of HTTP requests served on the session.


<small>[[General|...go back]]</small>
For example: From 172.16.1.49 To /HTTP0/info.xml No 22.

Latest revision as of 12:06, 14 July 2008

The internal HTTP server allows web access to the device.

Configuration

Disable HTTP basic authentication: For HTTP basic and digest authentication is supported by the device. With basic authentication the password is transmitted as clear text, which is a security risk if the someone can listen to this coummunication. Digest authentication only transmits a hash code of the password which is of no use for a listener. To avoid the vulnerability of the basic authentication it can be disabled, but some applications may not support the digest authentication, which in turn do not work anymore if basic authentication is disabled.
Password protect all HTTP pages: Apart from the start page Configuration/General/Info, all areas of the user interface are password protected. If this checkmark is set all pages (except public compact flash areas) are password protected.
Port: As default port 80 is used for HTTP. With this field it can be changed to any other value (e.g. 8080).
Allowed stations: Access to the device can be restricted to a particular network (for example, 192.168.0.0 / 255.255.0.0) or to a particular host (for example, 192.168.0.23 / 255.255.255.255).
Public compact flash access: Access to the compact flash generally needs authentication ( user and password ). If parts of the compact flash shall be accessed without authentication a list with the path and the access rights ( read or write ) can be configured. The access rights of longest match of the list is used. Example: If the compact flash drive is used for a update script in the directory script and the backups are stored in a directory backup the configuration could be /drive/cf0/script/ read and /drive/cf0/backup/ write

Status

All active HTTP sessions are displayed under the Active HTTP sessions section. The table shows for each session the clients IP address, the most recently accessed URL and the number of HTTP requests served on the session.

For example: From 172.16.1.49 To /HTTP0/info.xml No 22.

Retrieved from "https://wiki.innovaphone.com/index.php?title=Reference:Configuration/General/HTTP-Server&oldid=10713"