Syncovery Support Forum

A forum for all questions and requests concerning Syncovery
https://www.syncovery.com/forum/

Do not use on a server directly connected to the Internet

https://www.syncovery.com/forum/viewtopic.php?f=8&t=112

Page 1 of 1

Do not use on a server directly connected to the Internet

Posted: Fri Sep 18, 2020 1:30 pm
by steinitz
Hi,

Looking at the downloads for a version for my Ubuntu server, I noticed the message:
Do not use this on a server that is directly connected to the Internet. Use it only behind a router within your LAN
Is that message referring to Syncovery in general or just the web interface? If the latter, two questions:

- how does one disable the web interface?
- how can one make the web interface secure?

Webmin, for example, demonstrates that a web interface can be relatively secure.

Thanks

Re: Do not use on a server directly connected to the Internet

Posted: Fri Sep 18, 2020 2:08 pm
by tobias
Hello,
the warning is mostly about the web interface. But it is also a little obsolete, because newer Syncovery versions support using SSL with the web interface. When you open the non-SSL port 8889 from another machine (not localhost), then the SSL configuration page will be shown.

For extended security, you could use a web server's firewall to allow the Syncovery port only from specific IP addresses.

Or you can turn the webserver off when you don't need it, using
SyncoveryCL SET /WEBSERVER=OFF
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited