Forum Discussion

Virtuoso

May 28, 2016

Solved

Nighthawk rooters and https admin GUI

Hi, Why we still don't have any option to access GUI management through https and disable http, either for remote management and for local management Using http any being impossible to disabl...

Advanced Features

Firmware

Security

TheEther
May 29, 2016
Sorry, I meant page 160. The example shows: http://134.177.0.123:8080 when it should be https://137.170.0.123:8080.

On page 159, the picture shows Remote Management Address: https://0.0.0.0:8443.

chopin70

Virtuoso

May 29, 2016

I never tried remote, but through LAN. Only option is http

In manuals and options, i only see http for remote, with option to change port, which is kidding as of security

Even locally, a bad site can sniff the pass by redirecting a simple malicious script to the http admin gui. If you saved pass, it can sniff it

TheEther

Guru

May 29, 2016

Remote management is definitely https, not http. The R7000 manual has a typo on page 180. If you look on the configuration screen on page 179, it's correctly shown as https.

The local connection is still http, so you still have a valid point, here. You can vote for adding https here.

chopin70
Virtuoso
May 29, 2016
I see nothing relevant P180 !

Remote management is in P159-160
It definately shows using http through a custom port, no SSL through 443 port
- TheEther
  Guru
  May 29, 2016
  Sorry, I meant page 160. The example shows: http://134.177.0.123:8080 when it should be https://137.170.0.123:8080.
  
  On page 159, the picture shows Remote Management Address: https://0.0.0.0:8443.
  - chopin70
    Virtuoso
    May 29, 2016
    Sorry, you are right, I missed in GUI Setup the https and I trusted the web and manual text
    
    Can you confirm that access through http is actually disabled remotely ? That is if you try through http it will not be allowed?
    
    I will rise a features to add about https only access through LAN
    
    Many thanks