Disable or forward port 80


(Alekos Xanthas) #1

is there a way to disable or forward port 80 to 443 from the gui or console?


SSL and FreePBX
(P Ramarajan) #2

Hi @axanthas
Use the sysadmin ==> port management to disable/enable the ports.

More details:-
https://wiki.freepbx.org/display/F2/System+Admin+-+Port+Management


#3

To disable, as @pramarajan says. This is somewhat more secure, as most bots that probe port 80 won’t try 443.

To redirect, see


This will help clueless users get in, who don’t know to type https.


(Alekos Xanthas) #4

In the port management i cannot disable port 80 for admin, is there a way to disable this as well?


(Jared Busch) #5

Except you cannot disable port 80.

There needs to be amethid within FreePBX, I would assume SysAdmin, to force a redirect to https for port 80 except for LE.

because the vhost for this is auto generated, I would not trust any manual changes to always be in place.

[jbusch@pbx conf.d]$ cat schmoozecom.conf 
# Automatically Generated File - 1578975693
# {"acp":{"port":"80","dir":"\/var\/www\/html"},"ucp":{"port":"disabled","dir":"\/var\/www\/html\/ucp\/"},"restapi":{"port":"disabled","dir":"\/var\/www\/html\/restapi\/"},"restapps":{"port":"disabled","dir":"\/var\/www\/html\/restapps\/"},"hpro":{"port":"84","dir":"\/tftpboot\/"},"leport":{"port":"disabled","dir":"\/invalid\/folder\/name"}}
# Do NOT edit this file as it is auto-generated
# Starting acp
# acp
Listen 80
<VirtualHost *:80>
  Alias /.well-known /var/www/html/.well-known
  Alias /.freepbx-known /var/www/html/.freepbx-known
  RewriteEngine on
  RewriteRule ^/\.(well-known|freepbx-known)/ - [H=text/plain,L]
  RewriteRule (^\.|/\.) - [F]
  DocumentRoot /var/www/html
</VirtualHost>

(system) closed #6

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.