Reference12r2:Services/HTTP/Server

From innovaphone wiki
Revision as of 15:20, 11 February 2020 by Ckl (talk | contribs) (→‎Configuration)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
There are also other versions of this article available: Reference | Reference7 | Reference8 | Reference9 | Reference10 | Reference12r2 (this version) | Reference14r2

The internal HTTP server allows web access to the device.

Configuration

Force HTTPS
Allow only HTTPS sessions. HTTP requests are redirected to HTTPS requests. On the first request after enabling this feature some browsers may not accept redirection of the XSL file, in this case the reload button of the browser helps.
When you still get the message in the browser that the page can't be found, check if the TLS 1.0 support is enabled in the browser (this used to be turned off by default in older browser versions).
Please note that this will trigger an HTTP redirect for each HTTP request, adding one more cycle to each request. From a performance point of view, you should rather not use Force HTTPS but set Port' to 0 instead.
Disable HTTP basic authentication
For HTTP basic and digest authentication is supported by the device. With basic authentication the password is transmitted as clear text, which is a security risk if the someone can listen to this communication. Digest authentication only transmits a hash code of the password which is of no use for a listener. To avoid the vulnerability of the basic authentication it can be disabled, but some applications may not support the digest authentication, which in turn do not work any more if basic authentication is disabled. However, please note that this is irrelevant when using HTTPS (as nothing is transmitted as clear text then anyway). So for a secure system, rather make sure to use HTTPS everywhere than disabling basic authentication.
Password protect all HTTP pages
Apart from the start page Configuration/General/Info, all areas of the user interface are password protected. If this checkmark is set all pages are password protected. This option disables also login to the system using the 'Name' and the 'Password' configured in the PBX User object, so only logins with device administrator accounts are possible.
Note: If this is activated the changing of the login to a Dyn-PBX user is not possible
Port
As default port 80 is used for HTTP. With this field it can be changed to any other value (e.g. 8080).
For disabling HTTP in general set the Port to 0
HTTPS-Port
As default port is 443 is used for HTTPS. With this field it can be changed to any other value.
For disabling HTTPS in general set the Port to 0
Allowed stations
Access to the device can be restricted to particular networks (for example, 192.168.0.0 / 255.255.0.0) or to particular hosts (for example, 192.168.0.23 / 255.255.255.255).
Public compact flash access
Access to the compact flash generally needs authentication ( user and password ). If parts of the compact flash shall be accessed without authentication a list with the path and the access rights ( read or write ) can be configured. The access rights of the first match of the list is used. If the Path ends with a slash ('/'), then the whole sub-tree is affected. Example: If the compact flash drive is used for a update script in the directory script and the backups are stored in a directory backup the configuration could be /drive/cf0/script/ read and /drive/cf0/backup/ write.

Status

All active HTTP sessions are displayed under the Active HTTP sessions section. The table shows for each session the clients IP address, the most recently accessed URL and the number of HTTP requests served on the session.

For example: From 172.16.1.49 To /HTTP0/info.xml No 22.