What can we improve?

Documentation

(Edit)

Translation is in progress...
Not all topics are available at the moment and content links may be broken.

Security

In this tab a password query for the WebFront and its editor can be set up. Further security information can be found under Security.

Security tab in the WebFront configurator

Enable editor

Activates the WYSIWYG editor. This option is enabled by default for a fast initial setup and configuration. If the setup is finished, the editor should also be disabled.
The editor will be likewise protected by the password set here.

Hidden objects are invisibly loaded into the WebFront and can therefore be viewed, for example to via the developer console of the web-browser with the appropriate know-how. This is not an error, but a necessity to realize a rapid change in the visibility through the command IPS_SetHidden. As soon as the WYSIWYG editor is activated in the WebFront Configurator, the complete object tree is transferred, for example to realize the start/home category selection. This enables anyone with access to this WebFront to change the start category. After a successful use of the WYSIWYG editor, this should therefore be deactivated in the WebFront configurator.

Required password

For each configurator, a password can be assigned as access protection. This password is required before accessing the respective configurator, or during the configuration within the mobile apps. In addition, the special option can be activated, in which the password is not required within the local network. This password is only valid for accessing the system and its components. The query of the available configurators (Mobile) and the WebFront start page (overview) it is available at any time without a password.

Autostart for IP-address

A special function is the autostart, which opens a configurator directly without a password request if the IP address matches one of the entered IP addresses in this list. This function can be used for example to open a WebFront directly on a touch panel without having to display the normal selection dialog and without having to answer the password prompt. It is important to remember to use this feature only within a secure network.

Since IP-Symcon 5.5 the CIDR notation is also supported. For example, 192.168.1.0/24 includes all addresses from 192.168.1.1 to 192.168.1.255.

This function is not available if IP-Symcon is accessed via a Reverse Proxy or the Connect Service as the origin cannot be verified securely. An exception is the CIDR value Wert 0.0.0.0/0, which forwards all requests, independently of the origin.

Call via URL

There are some situations (e.g., in connection with NAT) when autostart via IP is not working. In these cases a URL with the WebFront password can be used.

// Basic framework for a call via URL
http://<YourIP>:3777/?password=<Password>#<WebFrontID>
 
// Example by starting with the Chromium Browser
// Password: "secret", WebFrontInstanceID: = 12345
chromium-browser --start-fullscreen 192.168.1.123:3777/?password=secret#12345

There is a security risk, because the URL is visible and includes the WebFront password as plain text.

Protect "user" folder

If the content has been stored in the special "user" folder, it is advisable to activate basic-authentication. In this way, these contents are additionally protected and require the respective username/password combination within the WebFront or the mobile Apps. The authentication setup is located at the Invalid Link: Special Switches.

If the authentication base has been activated in a previous IP-Symcon version (up to and including 5.0) in a web server, this is valid until it is deactivated.

Deutsche Webseite verfügbar
Go to cart
Any questions?