ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Disable FreePBX Admin Access Via Port 80

    Scheduled Pinned Locked Moved IT Discussion
    freepbx 14
    18 Posts 4 Posters 3.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Alex Sage
      last edited by

      https://community.freepbx.org/t/lets-encrypt-dns-challenge/39325/

      1 Reply Last reply Reply Quote 0
      • NashBrydgesN
        NashBrydges
        last edited by

        If this helps, this is what I see in the port management.

        0_1537563100625_1acdcb85-567c-43b3-a36e-c4ea45f34eac-image.png

        I can't block it at the firewall level since LE needs port 80. So if I can't close the port, would love to redirect the admin page. I suppose I could setup Nginx but would prefer not to have to do that.

        JaredBuschJ scottalanmillerS 2 Replies Last reply Reply Quote 0
        • JaredBuschJ
          JaredBusch @NashBrydges
          last edited by

          @nashbrydges said in Disable FreePBX Admin Access Via Port 80:

          If this helps, this is what I see in the port management.

          0_1537563100625_1acdcb85-567c-43b3-a36e-c4ea45f34eac-image.png

          I can't block it at the firewall level since LE needs port 80. So if I can't close the port, would love to redirect the admin page. I suppose I could setup Nginx but would prefer not to have to do that.

          Better question here is, why do you care?

          ID will kill repeated attempts.

          scottalanmillerS NashBrydgesN 2 Replies Last reply Reply Quote 1
          • scottalanmillerS
            scottalanmiller @JaredBusch
            last edited by

            @jaredbusch said in Disable FreePBX Admin Access Via Port 80:

            @nashbrydges said in Disable FreePBX Admin Access Via Port 80:

            If this helps, this is what I see in the port management.

            0_1537563100625_1acdcb85-567c-43b3-a36e-c4ea45f34eac-image.png

            I can't block it at the firewall level since LE needs port 80. So if I can't close the port, would love to redirect the admin page. I suppose I could setup Nginx but would prefer not to have to do that.

            Better question here is, why do you care?

            ID will kill repeated attempts.

            This is a good question. Port 80 being open isn't a risk as long as you know not to use it.

            JaredBuschJ 1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @NashBrydges
              last edited by

              @nashbrydges said in Disable FreePBX Admin Access Via Port 80:

              If this helps, this is what I see in the port management.

              0_1537563100625_1acdcb85-567c-43b3-a36e-c4ea45f34eac-image.png

              I can't block it at the firewall level since LE needs port 80. So if I can't close the port, would love to redirect the admin page. I suppose I could setup Nginx but would prefer not to have to do that.

              You sure it does? Just specify to use 443 for LE.

              1 Reply Last reply Reply Quote 0
              • NashBrydgesN
                NashBrydges @JaredBusch
                last edited by

                @jaredbusch said in Disable FreePBX Admin Access Via Port 80:

                @nashbrydges said in Disable FreePBX Admin Access Via Port 80:

                If this helps, this is what I see in the port management.

                0_1537563100625_1acdcb85-567c-43b3-a36e-c4ea45f34eac-image.png

                I can't block it at the firewall level since LE needs port 80. So if I can't close the port, would love to redirect the admin page. I suppose I could setup Nginx but would prefer not to have to do that.

                Better question here is, why do you care?

                ID will kill repeated attempts.

                I would normally totally agree but my role was just to set it up. The client has onsite IT who aren't supposed to touch the FreePBX install but the client has to have the login/pwd for the instance and it's part of their IT inventory. I'm just trying to eliminate the idiot effect where someone, without thinking, just goes to the HTTP URL instead of HTTPS. If there was a redirect, I wouldn't have to worry.

                The risk is low that someone will login except me, but still a risk and if it's one I can avoid, all the better.

                1 Reply Last reply Reply Quote 0
                • JaredBuschJ
                  JaredBusch @scottalanmiller
                  last edited by

                  @scottalanmiller said in Disable FreePBX Admin Access Via Port 80:

                  @jaredbusch said in Disable FreePBX Admin Access Via Port 80:

                  @nashbrydges said in Disable FreePBX Admin Access Via Port 80:

                  If this helps, this is what I see in the port management.

                  0_1537563100625_1acdcb85-567c-43b3-a36e-c4ea45f34eac-image.png

                  I can't block it at the firewall level since LE needs port 80. So if I can't close the port, would love to redirect the admin page. I suppose I could setup Nginx but would prefer not to have to do that.

                  Better question here is, why do you care?

                  ID will kill repeated attempts.

                  This is a good question. Port 80 being open isn't a risk as long as you know not to use it.

                  Right, as long as YOU do not fuck up and go to the page via http instead of https there is no risk here because if you don't have web management set to Internet, an IP the is not already allowed cannot even get to the page.
                  0_1537564501883_e2565659-7588-4551-8b3e-e4bb24e6c6d7-image.png

                  NashBrydgesN 1 Reply Last reply Reply Quote 1
                  • NashBrydgesN
                    NashBrydges @JaredBusch
                    last edited by

                    @jaredbusch Brilliant! I changed the HTTP service to reject and it automatically redirects to HTTPS. Didn't even think of this.

                    JaredBuschJ 1 Reply Last reply Reply Quote 0
                    • JaredBuschJ
                      JaredBusch @NashBrydges
                      last edited by

                      @nashbrydges said in Disable FreePBX Admin Access Via Port 80:

                      @jaredbusch Brilliant! I changed the HTTP service to reject and it automatically redirects to HTTPS. Didn't even think of this.

                      No idea how LE works, but you'll find out in 60 days.

                      NashBrydgesN 1 Reply Last reply Reply Quote 1
                      • NashBrydgesN
                        NashBrydges @JaredBusch
                        last edited by

                        @jaredbusch said in Disable FreePBX Admin Access Via Port 80:

                        @nashbrydges said in Disable FreePBX Admin Access Via Port 80:

                        @jaredbusch Brilliant! I changed the HTTP service to reject and it automatically redirects to HTTPS. Didn't even think of this.

                        No idea how LE works, but you'll find out in 60 days.

                        True enough. I'll leave this enabled and update if it caused any issues with LE.

                        0_1537564897693_3c91d974-c275-4ddd-a39e-2d8f5a265b23-image.png

                        JaredBuschJ 1 Reply Last reply Reply Quote 0
                        • JaredBuschJ
                          JaredBusch @NashBrydges
                          last edited by

                          @nashbrydges said in Disable FreePBX Admin Access Via Port 80:

                          @jaredbusch said in Disable FreePBX Admin Access Via Port 80:

                          @nashbrydges said in Disable FreePBX Admin Access Via Port 80:

                          @jaredbusch Brilliant! I changed the HTTP service to reject and it automatically redirects to HTTPS. Didn't even think of this.

                          No idea how LE works, but you'll find out in 60 days.

                          True enough. I'll leave this enabled and update if it caused any issues with LE.

                          0_1537564897693_3c91d974-c275-4ddd-a39e-2d8f5a265b23-image.png

                          Disabled you mean?

                          NashBrydgesN 1 Reply Last reply Reply Quote 0
                          • NashBrydgesN
                            NashBrydges @JaredBusch
                            last edited by

                            @jaredbusch said in Disable FreePBX Admin Access Via Port 80:

                            @nashbrydges said in Disable FreePBX Admin Access Via Port 80:

                            @jaredbusch said in Disable FreePBX Admin Access Via Port 80:

                            @nashbrydges said in Disable FreePBX Admin Access Via Port 80:

                            @jaredbusch Brilliant! I changed the HTTP service to reject and it automatically redirects to HTTPS. Didn't even think of this.

                            No idea how LE works, but you'll find out in 60 days.

                            True enough. I'll leave this enabled and update if it caused any issues with LE.

                            0_1537564897693_3c91d974-c275-4ddd-a39e-2d8f5a265b23-image.png

                            Disabled you mean?

                            Lol, yes.

                            1 Reply Last reply Reply Quote 0
                            • 1 / 1
                            • First post
                              Last post