Web GUI location and how to protect it?
- Thread starter nttec
- Start date
Hey,
it runs on port 8006. Is your instance on a public IP, or can it only be accessed from within the same network? The only way someone might hack it, is by guessing the password, and the best protection against that is choosing a strong one. However, if you'd like to prevent others from even trying you can restrict the IP addresses that can access the GUI in the first place. One way to do that is with a reverse proxy, it forwards(or doesn't) requests arriving the port to the server, https://docs.nginx.com/nginx/admin-guide/security-controls/controlling-access-proxied-tcp/ or ttps://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ might be something to take a look at.
it runs on port 8006. Is your instance on a public IP, or can it only be accessed from within the same network? The only way someone might hack it, is by guessing the password, and the best protection against that is choosing a strong one. However, if you'd like to prevent others from even trying you can restrict the IP addresses that can access the GUI in the first place. One way to do that is with a reverse proxy, it forwards(or doesn't) requests arriving the port to the server, https://docs.nginx.com/nginx/admin-guide/security-controls/controlling-access-proxied-tcp/ or ttps://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ might be something to take a look at.
I'm thinking of putting that .htpassword. but I am not sure which is the default httpd service is being use by proxmox. I am seeing lighthttpd and apache2 on /etc. would you know which one is being used by the default HTTP service of proxmox?