QUESTION remote administration port instead of 80

A

ariban

Active Member
Joined
Aug 1, 2013
Messages
360
Reaction score
26
Hi,

I installed a system for my brother in law and of course he loves it. however every time i need to get in his system i have to open port 80 on his router in order to access the freepbx administration site. but i dont like leaving this port open and i am using travelin man 3, so basically my question is, is it safe to leave 80 open to his server if there is travelinman3 installed? or is there a way to change this port from 80 to something else and i would be able to remotely (differente country) enter this system for changes?

thank you in advance.

ben
 
You can change the web server port from 80 to almost anything you wish. However, all you are doing is making access to his system a little more obscure, but certainly not safer. Any port scanner can quickly detect what ports are available for further "investigation" in no time. It basically is like leaving your car unlocked, with the keys in the ignition. Sooner or later, someone WILL take it for a test drive!

Personally, I would set up a VPN tunnel to give you the remote access you need. You can also restrict connections to only your IP address if you wish. Then your computer would essentially be sitting on his local LAN, giving you access which ever devices he would allow, like his PC, shared files, printer, etc.
 
It will get hacked if there's any security holes even if you change the port. Had a client whom I told not to do this and they did it anyway. Took a few weeks but they got nailed anyway - I think it was the Freepbx hole from a few years ago. Only $1000 in calls, could've been worse.
 
MGD4me, thanks for the idea of VPN, i didnt think of that! i set up neorouter, is that good enough?

Atsak, any other advice for more protection, or just simply leave those ports close and only open the remote ports for sip and iax2 for his cell phone to connect to the system?

thanks for all the help guys!
 
Close the ports, and use Travellin' Man 3 to open the ports for his cell . . . if you're not really sure what you're doing security wise, don't open them.
 
NEVER open Port 80 to the world, as 80 or any other number..

I recommend you set up a secure SSH tunnel with Key pairs, then you can access the box securely and map any other access across the SSH link.

----------------------------
 
Authentication via http on port 80 is insecure in any situation. Credentials are sent in the clear. Authenticate via https as a start.
 
thank you everyone. the easiest way that was very fast was installing neorouter and i closed all ports for security, thank you again for everything!
 
You must log in or register to reply here.

Members online

No members online now.
Total: 69 (members: 1, guests: 68)

Latest Posts

Forum statistics

Threads
26,688
Messages
174,412
Members
20,259
Latest member
Fadeek86
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Verify your Email

Check your inbox!

We’ve sent you an email. Click on the button in the email body to verify your email address – (if you can not find it, check your spam folder).

Upon verification you will be directed to the 3CX setup wizard.

Back
Top