SharChen Posted March 26, 2022 Report Share Posted March 26, 2022 Hi Sir, How can I block direct IP access to Vodia web server(HTTP and HTTPS)? Thanks! Shar Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted March 26, 2022 Report Share Posted March 26, 2022 You mean you don't want someone to get to the PBX by using an IP address? There is a setting called "Ignore packets that do not match a domain on the system" (/reg_security.htm) that might do what you are looking for. Quote Link to comment Share on other sites More sharing options...
SharChen Posted March 28, 2022 Author Report Share Posted March 28, 2022 Yes, thanks you so much, it's what I looking for. One mode question, Could PBX redirect IP to FQDN or not response? Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted March 28, 2022 Report Share Posted March 28, 2022 Right now the PBX would just reject the request. Quote Link to comment Share on other sites More sharing options...
RichardDCG Posted March 28, 2022 Report Share Posted March 28, 2022 12 hours ago, SharChen said: Yes, thanks you so much, it's what I looking for. One mode question, Could PBX redirect IP to FQDN or not response? wouldn't you want the PBX to drop the request and not redirect? Otherwise it would defeat the purpose of blocking direct IP access... Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted March 29, 2022 Report Share Posted March 29, 2022 16 hours ago, RichardDCG said: wouldn't you want the PBX to drop the request and not redirect? Otherwise it would defeat the purpose of blocking direct IP access... Yea I am not 100 % sure what exactly happens, but it does not redirect it to another location (that is 100 % sure). Quote Link to comment Share on other sites More sharing options...
SharChen Posted April 11, 2022 Author Report Share Posted April 11, 2022 Unfortunately, this function did not work in our test environment. It's about some security rating company will check that the SSL certificate matches the applied domain name. They found the SSL certificate used for direct IP access does not match the domain name applied for and therefore lowered the rating. I know Apache and other HTTP server can deny the direct IP access and look for the same function in Vodia server. Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted April 11, 2022 Report Share Posted April 11, 2022 We had already made a change in the development version for this, so that the PBX will not respond to requests that do not match any valid name of the system. This can be controlled with the flag "Ignore packets that do not match a domain on the system" (/reg_security.htm). We will just include this in the next build (68.0.14). Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.