Skip to content
← User Interface (UI)

How can we improve our various UIs (please focus on the new web UI)?

User Interface (UI)

Categories

Set the new UI to enforce HSTS and allow to change cipher

These are security relate in reference to the New UI, and since PRTG contains authentication and secure data, it should be secured as any Enterprise software should be.

  1. In the 25.3.110.x release the New UI enables an application server which by default does not enforce HSTS by default.

https://www.tenable.com/plugins/nessus/142960

https://datatracker.ietf.org/doc/html/rfc6797

https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fhelpdesk.paessler.com%2Fen%2Fsupport%2Fsolutions%2Farticles%2F76000085931-how-can-i-use-hsts-headers-with-prtg-&data=05%7C02%7Cbilly.cole%40pheaa.org%7Cf67b4f55c8614d8cc54608de16f186c3%7C4fbf871eff124b1ab9775dbc3a75478f%7C0%7C0%7C638973423903220245%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=GqjSpjXDT2qPBThKdz%2B0re4tmerc3H8eJIECicpnb6g%3D&reserved=0

  1. When scanning the New UI with Tenable/Nessus found that it is using a weak cipher and as the support case 2787397 notes, there was not a way to change the cipher to a TLS2/3 acceptable suite.
1 vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Billy Cole shared this idea  ·   ·  Report…  ·  Admin →

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment