Start a New Discussion

Start a New Discussion

Orbi WiFi 7 RBE973
Reply

Nighthawk rooters and https admin GUI

chopin70
Virtuoso
Virtuoso
‎2016-05-28 02:02 PM
‎2016-05-28 02:02 PM

Nighthawk rooters and https admin GUI

Hi,

 

Why we still don't have any option to access GUI management through https and disable http, either for remote management and for local management

 

Using http any being impossible to disable it is a big security issue, even through LAN

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 1 of 8
0 Kudos
Reply

Accepted Solutions
TheEther
Guru
Guru
‎2016-05-29 12:18 PM
‎2016-05-29 12:18 PM

Re: Nighthawk rooters and https admin GUI

Sorry, I meant page 160.  The example shows: http://134.177.0.123:8080 when it should be https://137.170.0.123:8080.

 

On page 159, the picture shows Remote Management Address: https://0.0.0.0:8443.

View solution in original post

Message 6 of 8
Reply

All Replies
BOZGBOZG
Star
Star
‎2016-05-29 01:16 AM
‎2016-05-29 01:16 AM

Re: Nighthawk rooters and https admin GUI

Are you able to access your router remotely using http? I always get an error if I try.
Message 2 of 8
0 Kudos
Reply
chopin70
Virtuoso
Virtuoso
‎2016-05-29 02:32 AM
‎2016-05-29 02:32 AM

Re: Nighthawk rooters and https admin GUI

I never tried remote, but through LAN. Only option is http

In manuals and options, i only see http for remote, with option to change port, which is kidding as of security

Even locally, a bad site can sniff the pass by redirecting a simple malicious script to the http admin gui. If you saved pass, it can sniff it
Message 3 of 8
0 Kudos
Reply
TheEther
Guru
Guru
‎2016-05-29 10:03 AM
‎2016-05-29 10:03 AM

Re: Nighthawk rooters and https admin GUI

Remote management is definitely https, not http.  The R7000 manual has a typo on page 180.  If you look on the configuration screen on page 179, it's correctly shown as https.

 

The local connection is still http, so you still have a valid point, here.  You can vote for adding https here.

Message 4 of 8
Reply
chopin70
Virtuoso
Virtuoso
‎2016-05-29 12:05 PM
‎2016-05-29 12:05 PM

Re: Nighthawk rooters and https admin GUI

I see nothing relevant P180 !

 

Remote management is in P159-160

It definately shows using http through a custom port, no SSL through 443 port

Message 5 of 8
0 Kudos
Reply
TheEther
Guru
Guru
‎2016-05-29 12:18 PM
‎2016-05-29 12:18 PM

Re: Nighthawk rooters and https admin GUI

Sorry, I meant page 160.  The example shows: http://134.177.0.123:8080 when it should be https://137.170.0.123:8080.

 

On page 159, the picture shows Remote Management Address: https://0.0.0.0:8443.

Message 6 of 8
Reply
chopin70
Virtuoso
Virtuoso
‎2016-05-29 12:37 PM
‎2016-05-29 12:37 PM

Re: Nighthawk rooters and https admin GUI

Sorry, you are right, I missed in GUI Setup the https and I trusted the web and manual text

 

Can you confirm that access through http is actually disabled remotely ? That is if you try through http it will not be allowed?

 

I will rise a features to add about https only access through LAN

 

Many thanks

Message 7 of 8
0 Kudos
Reply
TheEther
Guru
Guru
‎2016-05-29 01:59 PM
‎2016-05-29 01:59 PM

Re: Nighthawk rooters and https admin GUI

I'm running 3rd party firmware so I can't personally confirm that http is disabled.  It would be simple enough for you to test via a smart phone connected via cellular.

Message 8 of 8
0 Kudos
Reply
Top Contributors
See All
Discussion stats
  • 7 replies
  • ‎2016-05-28 02:02 PM
  • 5183 views
  • 3 kudos
  • 3 in conversation
Announcements

Orbi WiFi 7