Wowza Community

WSE Manager: how to restrict access by ip ?

Is it possible to whitelist a list of ips who get access to the manager web interface, or is the firewall the only option ? Also, is there a way to auto login (e.g. http://user:pass@server:8088), use ldap integration, … ?

Hi Florent, please see this guide:

How to connect to remote Streaming Engine installations (whitelist)

Salvadore

Thanks, i saw this, but it’s just moving the problem somewhere else: if i understand correctly, the whitelist only applies to the connection between the manager and the server, not between the client and the manager. I understand that moving the manager behind a firewall will do the trick, but here i’m hoping to restrict per ip directly on the manager interface.

Of course, but someone could bruteforce it, DDoS, or other tricks (SQL injection, CSRF, … who knows). Sounds like good practice not to let anyone access the admin login interface, a bit like an ssh server… Especially on a publically accessible server :slight_smile:

Anyway, firewall is the way to go then. Thank you anyway.

Florent, forgive me if I do not understand what you are trying to do. But there is a level of security via “Users”. If someone tries to access the Manager they will need to log in with a user name and password. If they do not have an account, they will not be able to access the Manager interface.

Salvadore

You are right Florent, there is no way to do this with Wowza, a firewall to restrict certain IPs is the answer.

Salvadore