« Back to Product



The WebServer module in IP-Symcon is used to make the WebFront available via another port. By default, the WebFront is available via port 3777. In particular, another WebServer is advantageous if SSL encryption is to be used.

Optionally, it is possible to enable basic authentication, which provides additional protection for the "user" folder.


Scripts executed by the WebServer include these system variables .


The JSON-RPC API (/api/) is available on any WebServer and is secured by remote access. Since IP-Symcon 4.0, the WebHooks (/hook/) are also available, each of which is secured by the authentication of the respective WebHook.


Since version 4.0, the WebServer is no longer added automatically. To be able to use it, it must be added via "Add object -> Add instance -> WebServer"


Basic authentication applies to the "user" folder only. The start page with the list of available configurators is always accessible without a password. If a WebFront password is to be assigned for each WebFront configurator, this can be set up in the configuration of the respective WebFront configurator

SSL Encryption

To use SSL, at least the certificate and the private key are required.

Option Description
Certificate Selection of the *.pem file containing the certificate
Private key Selection of the *.pem file containing the private key
Certification body
Selection of the *.pem file which contains the certification authority for a trusted access
DH parameters
Select the dhparam.pem file for the Diffie-Hellman parameter which prevents a logjam. This brings increased safety
configuration page

Create certificate

Using OpenSSL, certificates and private keys can be created.

// Generate a private key
    openssl genrsa -out pk.pem 1024

    // Create a certificate signing request
    openssl req -new -key pk.pem -out req.csr

    // Self-sign the csr
    openssl x509 -req -days 3650 -in req.csr -signkey pk.pem -out cert.pem

For a Browser to accept a certificate, IP-Symcon must be accessible via a public domain and a certificate issued by a recognized certificate authority must be present.

"user" Folder

The "user" folder contains user-defined contents of IP-Symcon (e.g. additional display scripts).
The path to this folder depends on the operating system used.

  • SymBox: /var/lib/symcon/webfront/user/
  • Windows: C:\ProgramData\Symcon\webfront\user\
  • MacOS: /Library/Application Support/Symcon/webfront/user/
  • Linux: /var/lib/symcon/webfront/user/
  • Raspberry Pi: /var/lib/symcon/webfront/user/

If files are stored under another path, they will be deleted automatically during the next update of IP-Symcon. This is the only way to ensure that the installation of IP-Symcon always remains free of file version conflicts.


Up to and including IP-Symcon 6.4 the paths were the following:

  • SymBox: /var/lib/symcon/user/
  • Windows: C:\ProgramData\Symcon\user\
  • MacOS: /Library/Application Support/Symcon/user/
  • Linux: /var/lib/symcon/user/
  • Raspberry Pi: /var/lib/symcon/user/

Protect "user" folder

If the content has been stored in the special "user" folder, it is advisable to activate basic-authentication. In this way, these contents are additionally protected and require the respective username/password combination within the WebFront or the mobile Apps.
The authentication setup is located at the Special Switches.


If the authentication base has been activated in a previous IP-Symcon version (up to and including 5.0) in a web server, this is valid until it is deactivated.

Log files

The option "Create log files" creates a file named access_12345.log in the "logs" directory of IP-Symcon for each WebServer, where the number 12345 stands for the InstanceID of the WebServer.
The created log files are Webalizer compatible and can thus be evaluated graphically.
The path to this folder depends on the operating system used.

  • SymBox: /var/log/symcon/
  • Windows: C:\ProgramData\Symcon\logs\
  • MacOS: /Library/Logs/Symcon/
  • Linux: /var/log/symcon/
  • Raspberry Pi: /var/log/symcon/

Tips and tricks

Forum: "Order SSL certificate and set it up in IP-Symcon"

Any questions?