Securing Openvidu for production use on AWS

tomw · May 5, 2020, 2:31pm

2.13 sees the inspector UI, kibana, API, and public websocket all running from 443.

This is a bit of a security issue for us as there is no way to update the ec2 security group to restrict public internet access to the inspector & kibana (and these interfaces are only protected by basic auth).

Ideally we would want to only allow public internet access to the websocket, the REST API and admin interfaces (kibana, inspector) can all be restricted to be accessed by our private IP ranges (internal network VPN for interfaces, our server IP ranges for the REST API).

Is it possible to configure Openvidu pro to set these ports?

pabloFuente · May 5, 2020, 7:15pm

Next release 2.14.0 will bring the ability to change the default HTTPS port where all services are available and also to limit the access to administration dashboards to a specific set of IPs. Stay tuned.

Topic		Replies	Views
Openvidu v2.14 Port Configuration Issues developing apps	1	441	May 18, 2020
OpenVidu not running in secure 443 port Issues with deployment	1	548	June 13, 2020
Locking down access Issues with deployment	10	814	May 14, 2020
Openvidu 2.15 on premise deployment security concern Issues with deployment	2	259	September 7, 2020
Redirection issue with insecure js Issues developing apps	0	239	August 28, 2020

Securing Openvidu for production use on AWS

Related Topics