By default, the LORIX Manager GUI is accessible through both http (unsecured) and https (secured) protocols. Some corporate technical policies may, however, restrict access via https in the absence of a valid certificate. This is why http remains enabled by default.
Once a valid certificate is configured, or if there are no constraints within your environment, you may prefer to access the GUI exclusively through https.
With https, the connection is encrypted, so usernames and passwords are not transmitted in plaintext during authentication. A valid certificate additionally authenticates the gateway to the client, strengthening the overall security posture.
Disable http access
For enhanced security, it is advisable to disable http access on the gateway, ensuring users exclusively connect via https.
To achieve this, update the configuration of the LORIX Manager by introducing an additional configuration file at /etc/manager/conf.d/20-disable-http.toml. Include the following option in this configuration file:
[api]
[api.http]
# Disable http access
enabled = false
Then, restart the LORIX Manager with:
sudo rc-service managerd restart
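To confirm the change after the restart, the following check (an added example, not part of the LORIX documentation) tests from a client machine that the http port no longer accepts connections and that https is reachable, and reports whether the certificate is trusted by the client. It assumes the default ports 80 and 443 and that a disabled http listener stops accepting TCP connections; the function names are hypothetical.

```python
import socket
import ssl


def http_port_open(host, port=80, timeout=3.0):
    """Return True if the plain-http port still accepts TCP connections."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def https_status(host, port=443, timeout=3.0):
    """Return 'unreachable', 'untrusted-certificate', 'tls-error' or 'trusted'."""
    context = ssl.create_default_context()  # verifies chain and hostname
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "unreachable"
    try:
        with context.wrap_socket(sock, server_hostname=host):
            return "trusted"
    except ssl.SSLCertVerificationError:
        # Encrypted, but the gateway's identity is not verified by this client.
        return "untrusted-certificate"
    except OSError:
        return "tls-error"
    finally:
        sock.close()


def check_gateway(host, http_port=80, https_port=443):
    """Summarise whether the gateway GUI is reachable over https only."""
    http_open = http_port_open(host, http_port)
    https = https_status(host, https_port)
    speaks_tls = https in ("trusted", "untrusted-certificate")
    return {"http_open": http_open, "https": https,
            "https_only": not http_open and speaks_tls}


if __name__ == "__main__":
    import sys
    # Pass the gateway hostname or IP address as the first argument.
    print(check_gateway(sys.argv[1]))
```

A result with `http_open` set to `True` after the restart means the drop-in file was not picked up; `untrusted-certificate` means the connection is encrypted but the gateway is not authenticated to this client.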