NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Login to Orbi router displays not secure, using HTTP instead of HTTPS
After I log in to my router, connection status on the browser shows "Not secure". I click the exclamation icon and see "Your connection to this site isn't secure". I'm using the latest firmware, V2.7...
I get a security warning then choose to proceed anyway. It lets me in but the https is crossed out (see screenshot). Also, the firmware version is 2.7.1.60, which is newer than the one you suggested and "Always Use HTTPS to Access Router" is enabled (see screenshot).
Actually v2.7 is a different fork from v2.6 and v2.7 has different features from V2.6. v2.7 is meant for USA region users only.
Always Use HTTPS to Access Router is used for remote access from remote locations from the WAN side. This doesn't enable HTTPS on the LAN side of the router on it's web page.
You're wrong about "This doesn't enable HTTPS on the LAN side". The option "Always use HTTPS" is intended specifically for Local Management (i.e. LAN). Remote management already includes the https prefix. Refer to screenshot again and you'll see it.
Btw, I live in the USA so the firmware applies to me.
FURRYe38 wrote:Always Use HTTPS to Access Router is used for remote access from remote locations from the WAN side. This doesn't enable HTTPS on the LAN side of the router on it's web page.
It seems to me that DG1980 has a valid point. The screen shot clearly shows "Local Management" with the check box for "Always use HTTPS". Looks like a bug (to me). So, we're back to the problem that Netgear provides no method for users to provide bug reports.
Browsers have different ways of dealing with http/https alternatives. Some browsers appear to search for an https with the same URL before they connect even if the user has specified http.
Can you confirm (a) which browser, and (b) the URL that was entered (http vs https)?
I see nothing in the v2.7 version of FW mentioning of HTTPS like v2.6 so NG may have not implemented it yet in v2.7...
CrimpOn wrote:
FURRYe38 wrote:Always Use HTTPS to Access Router is used for remote access from remote locations from the WAN side. This doesn't enable HTTPS on the LAN side of the router on it's web page.
It seems to me that DG1980 has a valid point. The screen shot clearly shows "Local Management" with the check box for "Always use HTTPS". Looks like a bug (to me). So, we're back to the problem that Netgear provides no method for users to provide bug reports.
Browsers have different ways of dealing with http/https alternatives. Some browsers appear to search for an https with the same URL before they connect even if the user has specified http.
Can you confirm (a) which browser, and (b) the URL that was entered (http vs https)?
I would install the other FW version v2.6 and see if the problem persists...
DG1980 wrote:You're wrong about "This doesn't enable HTTPS on the LAN side". The option "Always use HTTPS" is intended specifically for Local Management (i.e. LAN). Remote management already includes the https prefix. Refer to screenshot again and you'll see it.
Btw, I live in the USA so the firmware applies to me.
