• November 01, 2024, 07:36:21 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: Security issue?  (Read 2128 times)

lionkd75

  • Level 1 Member
  • *
  • Posts: 15
Security issue?
« on: June 11, 2016, 09:54:11 AM »
I have installed elFinder. If I try to access directly the NAS from another PC through internet, I have full access to elFinder interface without having to give any password. I use the address username.dlinkddns.com/elfinder/index.php and I have access to elfinder's interface. Is there any way to password protect this interface?
The same applies to other apps as well. For example transmission. If I use the address:

username.dlinkddns.com:9092/transmission/web

I have access to the app (from internet) without the need of any password.

This does not sound very secure.

Your help is really appreciated. Thanks!
Logged

ivan

  • Level 8 Member
  • ***
  • Posts: 1480
Re: Security issue?
« Reply #1 on: June 13, 2016, 01:23:02 PM »
Quote
This does not sound very secure.

I agree it is not secure at all.

The main problem is how the apps are written, they can be secure by default (but then a lot of people would find them hard to use) or they can be insecure (in which case only a few people are concerned about the insecurity).

Not having used either app I can't say much about them but I would hope that there is the ability to secure them somewhere included in each.  If there isn't then stop using them and contact the developers about your concerns.
Logged