Https is always reachable, and not adjustable in Sysadmin. Security issue

Dear FreePBX,

We have noticed that port 443 https is alway’s reachable for the webinterface of FreePBX Distro.
This is not adjustable in sysadmin, only http port 80 is adjustable.

So changing port 80 into something else for security or bot search reasons is not giving the result we want.
We can change our httpd config, but it would be nice if this is supported in sysadmin.

Please open a request here:

Yes, that is correct. In the not too distant future there’ll be an option for the https port - should it point to Admin, or UCP? However, in the interim, it is only pointing to admin.

If you wish to restrict access to https, you can do so through the integrated Firewall (in FreePBX 13), or through your edge router in older versions.


Thank you,
I have created a request now.

1 Like