How to force port 52311 to be encrypted

Usage and Config Security
1

Hi everyone,

our security scan noticed that port 52311 on the root and relay servers are open - as they should, as far as I know this port is meant for communication between clients/agents and the BigFix system.

It gives a nice “404 – Not Found” message and that’s it.

However, this port can also be accessed without encryption, so via http://bigix:52311 and this is non-compliant according to our company standards.

Is there a way to force a redirect to https for this port? Or to only offer encrypted communication on 52311?

Thanks and kind regards
Max

2

At present the only way to force it on Relays is to enable Relay Authentication. It cannot be done for the root server itself.

Relay Authentication is a major change though, so be sure to read the documentation on that. You’ll need to set an Authentication Password and use that when registering new clients.

3

Thanks for the reply, good to know! :slight_smile: