Disable FreePBX Admin Access Via Port 80
-
I have a FreePBX setup on Vultr and enabled Lets Encrypt but there doesn't appear to be any way to disable admin portal access via HTTP or to redirect. Hoping someone here knows something I may have missed. Running FreePBX 14.
-
This post is deleted! -
@aaronstuder said in Disable FreePBX Admin Access Via Port 80:
Vultr Firewall
And that will break LE.
-
Just block port 80 if you want.
-
This post is deleted! -
@scottalanmiller said in Disable FreePBX Admin Access Via Port 80:
Just block port 80 if you want.
My post deleted for stupidity. Lol
-
-
If this helps, this is what I see in the port management.
I can't block it at the firewall level since LE needs port 80. So if I can't close the port, would love to redirect the admin page. I suppose I could setup Nginx but would prefer not to have to do that.
-
@nashbrydges said in Disable FreePBX Admin Access Via Port 80:
If this helps, this is what I see in the port management.
I can't block it at the firewall level since LE needs port 80. So if I can't close the port, would love to redirect the admin page. I suppose I could setup Nginx but would prefer not to have to do that.
Better question here is, why do you care?
ID will kill repeated attempts.
-
@jaredbusch said in Disable FreePBX Admin Access Via Port 80:
@nashbrydges said in Disable FreePBX Admin Access Via Port 80:
If this helps, this is what I see in the port management.
I can't block it at the firewall level since LE needs port 80. So if I can't close the port, would love to redirect the admin page. I suppose I could setup Nginx but would prefer not to have to do that.
Better question here is, why do you care?
ID will kill repeated attempts.
This is a good question. Port 80 being open isn't a risk as long as you know not to use it.
-
@nashbrydges said in Disable FreePBX Admin Access Via Port 80:
If this helps, this is what I see in the port management.
I can't block it at the firewall level since LE needs port 80. So if I can't close the port, would love to redirect the admin page. I suppose I could setup Nginx but would prefer not to have to do that.
You sure it does? Just specify to use 443 for LE.
-
@jaredbusch said in Disable FreePBX Admin Access Via Port 80:
@nashbrydges said in Disable FreePBX Admin Access Via Port 80:
If this helps, this is what I see in the port management.
I can't block it at the firewall level since LE needs port 80. So if I can't close the port, would love to redirect the admin page. I suppose I could setup Nginx but would prefer not to have to do that.
Better question here is, why do you care?
ID will kill repeated attempts.
I would normally totally agree but my role was just to set it up. The client has onsite IT who aren't supposed to touch the FreePBX install but the client has to have the login/pwd for the instance and it's part of their IT inventory. I'm just trying to eliminate the idiot effect where someone, without thinking, just goes to the HTTP URL instead of HTTPS. If there was a redirect, I wouldn't have to worry.
The risk is low that someone will login except me, but still a risk and if it's one I can avoid, all the better.
-
@scottalanmiller said in Disable FreePBX Admin Access Via Port 80:
@jaredbusch said in Disable FreePBX Admin Access Via Port 80:
@nashbrydges said in Disable FreePBX Admin Access Via Port 80:
If this helps, this is what I see in the port management.
I can't block it at the firewall level since LE needs port 80. So if I can't close the port, would love to redirect the admin page. I suppose I could setup Nginx but would prefer not to have to do that.
Better question here is, why do you care?
ID will kill repeated attempts.
This is a good question. Port 80 being open isn't a risk as long as you know not to use it.
Right, as long as YOU do not fuck up and go to the page via
httpinstead ofhttpsthere is no risk here because if you don't have web management set to Internet, an IP the is not already allowed cannot even get to the page.
-
@jaredbusch Brilliant! I changed the HTTP service to reject and it automatically redirects to HTTPS. Didn't even think of this.
-
@nashbrydges said in Disable FreePBX Admin Access Via Port 80:
@jaredbusch Brilliant! I changed the HTTP service to reject and it automatically redirects to HTTPS. Didn't even think of this.
No idea how LE works, but you'll find out in 60 days.
-
@jaredbusch said in Disable FreePBX Admin Access Via Port 80:
@nashbrydges said in Disable FreePBX Admin Access Via Port 80:
@jaredbusch Brilliant! I changed the HTTP service to reject and it automatically redirects to HTTPS. Didn't even think of this.
No idea how LE works, but you'll find out in 60 days.
True enough. I'll leave this enabled and update if it caused any issues with LE.
-
@nashbrydges said in Disable FreePBX Admin Access Via Port 80:
@jaredbusch said in Disable FreePBX Admin Access Via Port 80:
@nashbrydges said in Disable FreePBX Admin Access Via Port 80:
@jaredbusch Brilliant! I changed the HTTP service to reject and it automatically redirects to HTTPS. Didn't even think of this.
No idea how LE works, but you'll find out in 60 days.
True enough. I'll leave this enabled and update if it caused any issues with LE.
Disabled you mean?
-
@jaredbusch said in Disable FreePBX Admin Access Via Port 80:
@nashbrydges said in Disable FreePBX Admin Access Via Port 80:
@jaredbusch said in Disable FreePBX Admin Access Via Port 80:
@nashbrydges said in Disable FreePBX Admin Access Via Port 80:
@jaredbusch Brilliant! I changed the HTTP service to reject and it automatically redirects to HTTPS. Didn't even think of this.
No idea how LE works, but you'll find out in 60 days.
True enough. I'll leave this enabled and update if it caused any issues with LE.
Disabled you mean?
Lol, yes.
