Jump to content

remote http access


htcom

Recommended Posts

Is it sensible practice to use https for outside access to the Snomone web interface or is http good enough as long as the port number is changed ?

 

I have changed the port number on https and can access the snomone web interface. However there are two things that I don't think I have set correctly.

 

1. The missed call email contains a click-to-dial link. This link points to the http access rather than https. I have looked around, but cannot see where to change this. Am I worrying unduly and is http sufficient for this ?

 

2. When visiting the web interface the uploaded picture for extension does not display. Looking at the page source it points to the http location rather than the https location.

Link to comment
Share on other sites

Is it sensible practice to use https for outside access to the Snomone web interface or is http good enough as long as the port number is changed ?

 

I have changed the port number on https and can access the snomone web interface. However there are two things that I don't think I have set correctly.

 

1. The missed call email contains a click-to-dial link. This link points to the http access rather than https. I have looked around, but cannot see where to change this. Am I worrying unduly and is http sufficient for this ?

 

2. When visiting the web interface the uploaded picture for extension does not display. Looking at the page source it points to the http location rather than the https location.

 

That's debatable. Generally speaking, HTTPS is so much mainstream today that it is not a big problem to use it. The only problem is the availability of a trusted certificate, so that every web browser accepts the content. But also with HTTP, someone else would have to know the username and password in order to execute something. The risk that you are talking is that someone records the traffic to the PBX and then filters out the username password; in a WLAN scenario in public places that is something I can think of (a bored traveller who has nothing better to do than running Wireshark to see what is going on).

 

I would always use plug and play for the phones. Then you can just ask the user to reset the phone after someone has screwed the configuration up.

 

In the age of facebook, pictures are considered not sensitive information any more I guess...

Link to comment
Share on other sites

1. The missed call email contains a click-to-dial link. This link points to the http access rather than https. I have looked around, but cannot see where to change this. Am I worrying unduly and is http sufficient for this ?

There is "pref_http_scheme" global setting (in the pbx.xml file) which is set to http by default. You can change it to https, if you want it that way.

 

2. When visiting the web interface the uploaded picture for extension does not display. Looking at the page source it points to the http location rather than the https location.

I assume you are talking about the user portal here. We uploaded the picture from the admin portal and logged into the web interface using https. The picture was was visible on the page. (the page source points to http location, but that should be ok)

Link to comment
Share on other sites

Thank you for that snom one and pbx support, that's interesting.

 

I was only intending to use either http or https and not both and as such had blocked the http port on the nat firewall, hence why the http content would not display.

 

However after reading the info in your postings I will probably just stick with http and take the small risk.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...