is there a https secure web management access page
Hi
I am concerned about using the unsecured http://tplinkwifi.net to configure mt Archer c6 router. My browser Firefox issues warning its not secure (certificate) and passwords entered could be stolen.
Is there a more secure https:// alternative to log into my router management console?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hey
You don't have to use the tplinkwifi.net address, you can just connect to the IP address for the device if you prefer. It's likely something like 192.168.1.1 or 192.168.0.1
As you are connecting to a 192.x.x.x address this is internal only (its a non routable address), namely, it wont go through the router to the internet and will remain inside your network and you dont have to worry about accepting any warnings for certificates as a result.
Technically the same is true fro the tplinkwifi.net also as its also not going outside, but the 192.x.x.x method is what i prefer personally.
Also worth noting you are likely to get a warning from Firefox, Chrome etc anyways regardless as the certificate used on the router is not a public certificate (it cant be due to local access only) so if honest I wouldnt be concerned about accepting this warning.
I also use Firefox and get the same warnings for this on all vendors, as said if its a 192. address its safe as it cant go outside your network!
- Copy Link
- Report Inappropriate Content
Hi Philbert
Thanks for your reply.
I tried both those 192. numbers and both failed....I got a "Failed to Connect. The website took too long to respond" pop up message in the browser.
I can use the http (non-secure) address to login to the router management page but the interface page I see there for changing the existing login password and the page to change the wifi password do not match the interface change password login pages as illustrated on-line or in the on-line product manual for the Archer C6 (v2). It should show 3 boxes - one to enter the old password (which I want to change) and another 2 boxes box to enter the new password. I see only one box in each case.
Hence am a bit reluctant to use a non secure http login. Why is TP-Link not using secure login?
Bobscat.
- Copy Link
- Report Inappropriate Content
Hey
Its likely just a difference in the web interface version and being honest not something I personally would worry about.
Without going into the deep technical reason for the HTTP, its basically that HTTPS requires a certificate signed by a vendor like Symantec, BitDefender, Comodo etc and this costs $$, its also unique to each router so cant be something for everyone so 99% of the time this is something you setup later. That a very laymens way to putting it but its just the way it is, in short HTTP is standard for nearly all routers but HTTPS is available, although you have to set this up yourself.
Long story short you can ignore this warning and trust the connection, its nothing uncommon. If you want to be ultra safe, just don't connect the WAN cable until you are logged in them there is no chance of it being anything but legit.
However if you really want to ensure its a local only connection, you can connect using one of the Private LAN IP addresses. To do this open a command prompt from a device which connected to the router and run the command IPCONFIG
You will see it list a DEFAULT GATEWAY, provided you have not fancy setup and are connected directly to the router, this will be the address of the router. It will start in 192.168.x.x. or 172.16.x.x or 10.x.x.x.
These are all local IP address ranges and can't go on the internet so its perfectly safe, again you may get an HTTP warning for this site but its grand to ignore due to the non routable address. Once logged in if you feel like setting up HTTPS go for it.
Type this default gateway into Firefox and that will take you to the router.
The tplinkwifi address is a local DNS address, again without getting technical.. the device you are connected to is your DNS server, therefore when it sees you connect to tplinkwifi.net it knows you are wanting to talk to it, its perfectly safe. Again if you feel you want more assurance, do it without the WAN connected.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 643
Replies: 3
Voters 0
No one has voted for it yet.