Embedded web server

From SpinetiX Support Wiki

Jump to: navigation, search

Description

SpinetiX players feature an embedded web server offering access to different player applications such as:

Security

Note  
See also the Security page.

The access to the player embedded web server can / must be protected with strong passwords, configurable from Control Center.

Note Note:
If you want to set / change the passwords on multiple players in a centralized manner (for instance to set a new admin password for all players every 30 days), you can use the set_password RPC command.

HTTPS access

DiVA, HMP300 and HMP350 devices can be accessed using a secured URL (HTTPS).

HMP200, HMP130, and HMP100 models cannot be accessed using a secured URL (HTTPS).

Apache

The embedded web server is based on Apache HTTP Server ("httpd") - a robust, commercial-grade, feature-full, and freely-available source code implementation of an HTTP (Web) server. The version of httpd varies depending of the player firmware, so make sure to use the latest firmware on your players to prevent any security vulnerabilities.

Note Note:
Sometimes, network security scans might reveal potential vulnerabilities affecting the version of Apache being used, however only a limited set of modules are actually implemented / used, so most of them do not actually apply.
This page was last modified on 17 July 2019, at 12:24.