Access the Smoothwall Admin UI securely via HTTPS

This article applies to our On-Premise Appliance Filter and Firewall product only, not to Cloud.

 

Accessing the Smoothwall Admin UI via HTTP is less secure than HTTPS. We recommend you change to use HTTPS instead, and prevent future access via HTTP.

Step 1: Set up access via HTTPS

  1. Sign in to the Smoothwall Admin UI via HTTP on port 81 at http://x.x.x.x:81
  2. Export your Smoothwall default root Certificate Authority in Certificate format.

    Note

    • When accessing via HTTP, your browser may not automatically download the certificate, so you'll need to select to keep the file.
    • Note the expiry date so you can repeat these steps when the root Certificate Authority expires, you renew it, or set up a new certificate.
  3. Import this certificate into your browser following your browser’s documentation.
  4. Verify that the certificate import was successful by accessing the Smoothwall Admin UI via HTTPS on port 441 at https://x.x.x.x:441. If you see any errors on this page, repeat the steps from the beginning.

Step 2: Prevent access via HTTP

Important

Ensure that all Smoothwall Admin users have imported the certificate to their browser before preventing access to the Smoothwall Admin UI via HTTP.

 

Prevent access by removing the HTTP service from your Smoothwall access rules:

  1. Go to Network > Firewall > Smoothwall access.
  2. Find the Allow access from the initially configured port rule, and any other rules with Web-based admin on HTTP (81) in the Services column.
  3. Hover over the rule and select Edit.
  4. Remove the Web-based admin on HTTP (81) service and select Save changes.