You are viewing limited content. For full access, please sign in.

Question

Question

Can Port 80 be blocked without a firewall?

Version 10 Laserfiche
Updated May 15, 2019
asked on May 14, 2019

Hi there,

I can block port 80 with the firewall and LF Client and Web Client work fine, in many environments. I'm working at a customer site that has a policy of not using software-based firewalls on the servers so I can't use Windows Firewall. I tried setting the port to 0 in the registry but that breaks Laserfiche.

Is there a way to actively prevent port 80 being used (in particular with the fat clients) without using a firewall?

In Web Client config, I have a redirect from HTTP to HTTPS.

-Ben

0 0

Replies

replied on May 14, 2019
0 0
View 4 previous replies
replied on May 14, 2019

Hi Erik,

At the moment SSL and non-SSL works fine. My requirement is to enforce SSL without using a firewall.

We could also obscure the non-SSL connection by setting the listening port to 81 or 128, for example. It doesn't look like LF can have this port switched off completely.

-Ben

0 0
replied on May 14, 2019

You can change the bindings in IIS for the web client if needed. I think that you can switch the repository to use the SSL connection in the Web Client configuration though.

0 0
replied on May 14, 2019

Hi Michael,

Web Client isn't an issue. It's Win Client and MMC Admin Console.

The repository is accepting SSL but getting it to actively refuse non-SSL is the issue.

-Ben

0 0
replied on May 14, 2019

Wouldn't it accomplish the same purpose to enforce SSL connection settings with group policy?

0 0
replied on May 14, 2019 Show version history

You mean to use group policies to pre-write IPDatabase, and <repository>Settings, and ServerList keys and mark them as read-only?

Yes, that would work for anyone using Win Client and the Win Admin Console. It's a good approach but not as complete as I would like and doesn't block the port at the server.

0 0
replied on May 14, 2019

GPO to push the registry settings on the client so they always connect SSL.  It doesn't block the port server side.  I don't know of a way to block port 80 without a firewall.

0 0
replied on May 15, 2019

I suspect you're right but I need a definitive response from Laserfiche on this one because it will mean a change to security policy.

-Ben

1 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...