any advantages of HTTPS web management on a local network for a single user?

[iFrogMac]

Hey all, just moving this question from another existing thread I had posted it on, then removed from after being suggested to start a new thread.
In the ASUSWRT local management settings it gets the options of HTTP, HTTPS, or both. Most of the time I just leave my routers to HTTP so I don't have to deal with browser warnings due to the self signed certs routers have.
I was curious as to setting this to Both, would it give me any advantages over simply just leaving it at defaults? From my understanding, it really wouldn't matter for local management for one person.

 

[eibgrad]

I always use HTTP, even from the WAN side (assuming it's allowed) since I only ever access it locally or over a VPN anyway. The problem, if there is one, is if the browser you're using one day decides to NOT accept anything but HTTPS. That's always a potential threat. We've seen common features/options/services taken away before due to security concerns (SHA1, FTP, PPTP, etc.). It's NOT hard to imagine HTTP one day falling out of favor similarly.

 

[iFrogMac]

I always use HTTP, even from the WAN side (assuming it's allowed) since I only ever access it locally or over a VPN anyway. The problem, if there is one, is if the browser you're using one day decides to NOT accept anything but HTTPS. That's always a potential threat. We've seen common features/options/services taken away before due to security concerns (SHA1, FTP, PPTP, etc.). It's NOT hard to imagine HTTP one day falling out of favor similarly.

Yeah, some of the browser security is overkill, but they typically target it to people who don't know what they're doing, which makes it a pain even more so for those of us who need a specific config. Anyway, sounds like my initial thoughts line up with your response and it's OK to stick with the default of HTTP for local management. For security I've kept WAN access disabled. I've been told I can use a VPN for remote access, and I've put this suggestion on the back burner to have it handy if I need it. However, right now I don't even need to deal with that amount of setup, since I primarily make changes from home.

 

[ColinTaylor]

I use HTTP even though I have HTTPS enabled as well. Because I'm lazy and typing the extra five characters :8443 is too much hard work.

 

[iFrogMac]

I use HTTP even though I have HTTPS enabled as well. Because I'm lazy and typing the extra five characters :8443 is too much hard work.

OK, I'll stick with the defaults for now, until I have a NEED to change something. Everything is working, so no need to change for now.

 

[Tech9]

OK, I'll stick with the defaults for now, until I have a NEED to change something.

Thank you!

@TheLyppardMan

 

[Justinh]

That's always a potential threat

You think improving security by removing insecure functionality is a "threat"?

Inconvenient, painful, no fun maybe.