Menu
What's new
By:
Filters Better Search

WebUI Authentication Method "HTTPS" (only) option is not working

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

chengr28

chengr28

New Around Here
Hi!

I was encountering another problem in both 386.9 and 388.1 (offical build).

In Administration - System - Local Access Config, the option "Authentication Method" has 3 choices: "HTTP", "HTTPS", "BOTH".

When "Authentication Method" is "HTTPS", the "HTTP LAN port" option is still there and it seems WebUI's HTTP listening is still working.

For example, set "Authentication Method" to "HTTPS", "HTTP LAN port" to 8880, "HTTPS LAN port" to 44443. Apply settings and restart the router. HTTPS WebUI on 44443 is working good, but HTTP WebUI is also working on 8880.

When "Authentication Method" is "BOTH" or "HTTP", everything works good. Especially, set to "HTTP" will work fine and "HTTPS LAN port" option will disappear.

In my opinion, "HTTPS" should mean "HTTPS only", but now "HTTPS" is the same as "BOTH". It seems dangerous. When I set to "HTTPS", I will think that HTTP WebUI is not running.

I also kept possible options off (such as AiProtection, Parental Control, Redirect webui access to router[DOT]asus[DOT]com) and tried to switch to AP mode, nothing changed.

Could I get help for this issue? Thanks a lot.
 

Attachments

  • ASUS_Merlin_HTTPS_Only_01.png
    ASUS_Merlin_HTTPS_Only_01.png
    8.5 KB · Views: 48
  • ASUS_Merlin_HTTPS_Only_02.png
    ASUS_Merlin_HTTPS_Only_02.png
    8.4 KB · Views: 58
  • ASUS_Merlin_HTTPS_Only_03.png
    ASUS_Merlin_HTTPS_Only_03.png
    7.3 KB · Views: 49
Tested with 388.1 on ax88u. In the settings the behaviour seems to be exactly as described - I can't actually login via http.
Perhaps port 80 is blocked rather than the service(?).
However:
Confirmed this myself. Rather than blocking the service, removing the http access in the gui just blocks port 80. Set on a different port http is still active.
I don't see this being much of an issue as http access will be to port 80 normally without specifying a port. Going through tens of thousands of ports to find 'the one' isn't going to be productive unless someone is extremely lucky.
Tell me you haven't opened access from the WAN

*additional*
Just set http back to port 80 and it will be blocked. This is a non-issue.
 
Last edited:
I see. I have tested and setting HTTP port to 80 is working. Thanks a lot.

Is it possible to remove the HTTP port option or reset the value to 80 when "Authentication Method" is "HTTPS"? Add text to warn is also ok.

Few years ago, I think I set the non-standard HTTP port until HTTPS was actived. Not sure if the port set back to 80.
 
You must log in or register to reply here.

Similar threads

G
RESOLVED: Lost access to WebUI from LAN, SSH is working
Replies
1
Views
184
ColinTaylor
C
K
The dreaded "HTTPS is a relatively more secured web access protocol. We strongly suggest to enter the ASUS router setting page via HTTPS protocol."
Replies
16
Views
1K
Diablo99
Diablo99
Objects in Space
ASUS RT-AC68U Auth Method HTTPS Get Chrome NET::ERR_CERT_INVALID
Replies
15
Views
2K
Objects in Space
Objects in Space
Z
Asus node not connecting SOLVED.
Replies
0
Views
2K
zemerdon
Z
brambil
Use 2.5Gbps connection. AiMesh on wan side is possible? Dual WAN ethernet? AX68U and AC68U.
Replies
12
Views
883
Smokin_Joe
S

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 754 (members: 24, guests: 730)
Top