#1 2017-05-01 18:00

Jaapyse
New Member
Registered: 2017-04-04
Posts: 3

HTTPS support

Hey forum and den4b,

I'm loving Shutter to bits, but I'm slightly concerned about the safety of opening a port to the internet with a webinterface that can interact with my OS to quite a deep level. I'm using a non-standard port and an insane login - password combo but I just don't know if that's going to cut it. I would feel a bit safer with HTTPS, even if it's self signed. What underlying platform are you using for the webinterface? Apache or something?

If there's no way to do this, that's no problem either, but it would be cool if it's actually possible.

- Jaapyse

Offline

#2 2017-05-03 08:28

den4b
Administrator
From: den4b.com
Registered: 2006-04-06
Posts: 2,547

Re: HTTPS support

Your concerns are completely valid and HTTPS protocol is the way to go to improve security of Shutter's Web Interface.

Shutter is currently undergoing a major migration to a newer development environment. Part of this effort also includes a complete rewrite of the Web Interface using new networking libraries, which should make it possible to add HTTPS support.

If you would like to get your hand on the first release candidate when it becomes available, you can subscribe to the mailing list or news forum for updates. It may take another month or two, but a new Shutter is on its way.

What underlying platform are you using for the webinterface? Apache or something?

It is a custom build and very basic HTTP server, which is primarily why it was not feasible to add HTTPS support.

In the meantime, you can protect Shutter's HTTP traffic trough a local HTTPS proxy or an SSH tunnel.

Offline

#3 2017-12-06 19:42

den4b
Administrator
From: den4b.com
Registered: 2006-04-06
Posts: 2,547

Re: HTTPS support

An option to enable secure communication (HTTPS) for the Web Interface was added in Shutter v4.0.0.2 Alpha.

Offline

Board footer

Powered by FluxBB