htcom Posted May 28, 2012 Report Share Posted May 28, 2012 Is it sensible practice to use https for outside access to the Snomone web interface or is http good enough as long as the port number is changed ? I have changed the port number on https and can access the snomone web interface. However there are two things that I don't think I have set correctly. 1. The missed call email contains a click-to-dial link. This link points to the http access rather than https. I have looked around, but cannot see where to change this. Am I worrying unduly and is http sufficient for this ? 2. When visiting the web interface the uploaded picture for extension does not display. Looking at the page source it points to the http location rather than the https location. Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted May 29, 2012 Report Share Posted May 29, 2012 Is it sensible practice to use https for outside access to the Snomone web interface or is http good enough as long as the port number is changed ? I have changed the port number on https and can access the snomone web interface. However there are two things that I don't think I have set correctly. 1. The missed call email contains a click-to-dial link. This link points to the http access rather than https. I have looked around, but cannot see where to change this. Am I worrying unduly and is http sufficient for this ? 2. When visiting the web interface the uploaded picture for extension does not display. Looking at the page source it points to the http location rather than the https location. That's debatable. Generally speaking, HTTPS is so much mainstream today that it is not a big problem to use it. The only problem is the availability of a trusted certificate, so that every web browser accepts the content. But also with HTTP, someone else would have to know the username and password in order to execute something. The risk that you are talking is that someone records the traffic to the PBX and then filters out the username password; in a WLAN scenario in public places that is something I can think of (a bored traveller who has nothing better to do than running Wireshark to see what is going on). I would always use plug and play for the phones. Then you can just ask the user to reset the phone after someone has screwed the configuration up. In the age of facebook, pictures are considered not sensitive information any more I guess... Quote Link to comment Share on other sites More sharing options...
pbx support Posted May 29, 2012 Report Share Posted May 29, 2012 1. The missed call email contains a click-to-dial link. This link points to the http access rather than https. I have looked around, but cannot see where to change this. Am I worrying unduly and is http sufficient for this ? There is "pref_http_scheme" global setting (in the pbx.xml file) which is set to http by default. You can change it to https, if you want it that way. 2. When visiting the web interface the uploaded picture for extension does not display. Looking at the page source it points to the http location rather than the https location. I assume you are talking about the user portal here. We uploaded the picture from the admin portal and logged into the web interface using https. The picture was was visible on the page. (the page source points to http location, but that should be ok) Quote Link to comment Share on other sites More sharing options...
htcom Posted May 30, 2012 Author Report Share Posted May 30, 2012 Thank you for that snom one and pbx support, that's interesting. I was only intending to use either http or https and not both and as such had blocked the http port on the nat firewall, hence why the http content would not display. However after reading the info in your postings I will probably just stick with http and take the small risk. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.