Recommendations for protecting Web Interfaces

Created by Sagecom Support, Modified on Wed, 9 Aug, 2023 at 1:53 AM by Sagecom Support

1. Do not log into your Admin Interface from public computers

If you are using a public computer, the risk of compromising your login credentials is higher. The best advice here would be to avoid entering sensitive information into a public computer at all. We have prepared several general guidelines to help protect against casual hackers who use a public computer after you. But keep in mind that an industrious thief might have installed sophisticated keylogging software on the public computer that records every keystroke and then emails that information back to the thief. Then it doesn't matter if you haven't saved your information or if you've erased your tracks. They will still have access to your information.

If you cannot avoid logging in from a public computer, please follow these guidelines to help ensure your safety.

  • Never save login information in the browser.
  • Log out as soon as the work is finished.
  • Clear the browser history (perform a complete clean to remove cached data and browser cookies).
  • Don't leave the computer unattended with sensitive information on the screen.
  • Watch for over-the-shoulder snoops.
  • Use the browser incognito or private mode if it is available.
  • Consider changing the password from a trusted computer as soon as you can. In this case even if your password was stolen, it is less likely to be used.

2. Limit access to the web interface for your Admin users and customers

Web portals are very convenient and helpful, but they can expose a lot of sensitive information to fraudsters (VoIP credentials, financial information, call history, etc.). A strong password is a must, but you can improve the security of the portals even further. If your admin users access the portal only from some predefined locations (home, office), you can define the list of IP addresses allowed to access the Admin interface. In this case the portal will not be available from addresses that are not on the list.

To add this option, please follow the steps below.

Limitation for Users:

  • Open the needed user and proceed to the Web Self-Care tab.
  • Set the Allow login from option to Specific IP addresses/networks and define the allowed IP addresses or networks.

Limitation for Customers:

  • Open the needed customer and proceed to the Notepad field.
  • Add the restriction rules in the following format:

For a single IP address:

ACCEPT:1.2.3.4

DENY:1.2.3.4

For a subnet:

ACCEPT:1.2.3.4/28

DENY:1.2.3.4/28

To allow or to deny access from all IP addresses:

ACCEPT:ALL

DENY:ALL

The rules are checked one by one in the order they are specified in the Notepad field. If at least one rule is defined but the requesting IP address does not match any of them, access is denied. For example, to deny only a single specified IP address 1.2.3.4 and a subnet 4.3.2.1/28, the Notepad field should contain:

DENY:1.2.3.4

DENY:4.3.2.1/28

ACCEPT:ALL
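To check a rule list before saving it, the evaluation order described above can be modelled offline. The Python below is an added example, not Sagecom's code. It assumes that the first matching rule decides, that an empty field means no restriction, and that the field holds only rule lines; the function names are hypothetical.

```python
import ipaddress

def parse_rules(notepad_text):
    """Parse ACCEPT:/DENY: lines into (action, network) pairs; network None means ALL."""
    rules = []
    for line in notepad_text.splitlines():
        line = line.strip()
        if not line:
            continue
        action, _, target = line.partition(":")
        action = action.upper()
        if action not in ("ACCEPT", "DENY") or not target:
            # Assumption: the field holds only rules, so a stray line is a typo.
            raise ValueError(f"unrecognised rule: {line!r}")
        if target.upper() == "ALL":
            rules.append((action, None))
        else:
            # strict=False because the article writes subnets with host bits
            # set (4.3.2.1/28), which normalises to 4.3.2.0/28.
            rules.append((action, ipaddress.ip_network(target, strict=False)))
    return rules

def is_allowed(notepad_text, client_ip):
    """Return True if client_ip would be admitted by the rule list."""
    rules = parse_rules(notepad_text)
    if not rules:
        return True  # Assumption: no rules defined means no restriction.
    addr = ipaddress.ip_address(client_ip)
    for action, net in rules:
        if net is None or addr in net:
            return action == "ACCEPT"  # Assumption: first match decides.
    return False  # Article: rules exist but none matched, so access is denied.

# The article's own example, then two constructed rule lists.
PAGE_EXAMPLE = "DENY:1.2.3.4\n\nDENY:4.3.2.1/28\n\nACCEPT:ALL"
DENY_ONLY = "DENY:1.2.3.4"              # constructed: no ACCEPT rule at all
OFFICE_ONLY = "ACCEPT:203.0.113.0/28"   # constructed: documentation range

if __name__ == "__main__":
    for ip in ("1.2.3.4", "4.3.2.15", "4.3.2.16", "8.8.8.8"):
        print(ip, is_allowed(PAGE_EXAMPLE, ip))
    print("deny-only list admits 8.8.8.8:", is_allowed(DENY_ONLY, "8.8.8.8"))
```

Two things show up when this is run: 4.3.2.1/28 covers 4.3.2.0 through 4.3.2.15, and a list made up only of DENY rules locks out every address, because unmatched requests are denied.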
