I am using AWS EC2 instance. In that we have installed and developed the ignition.
Below is the URL for our perspective application.
http://localhost:8088/data/perspective/client/LMS_COTS_AND_APRONS/landing_page
Usually if we installed in local system, I can able to give my local IP to others, they can able to access by the IP address, since we are connected to same network
Now I am clueless , how some person able to access the link of our application hosted in AWS.
Kindly Need your suggestions.
Exposing an EC2 instance to the wide open Internet is a well documented task. Try Google.
Before you do, though, seriously consider what you're doing. Exposing Ignition gateways to the wide open internet is often not necessary, and virtual private networks or other secure-by-default approaches are more appropriate.
At an absolute bare minimum, you must enable HTTPS before exposing any web service of any kind to the open internet.
Consider our Cloud Edition for a more turn-key solution to running Ignition in the cloud.
2 Likes
And I'd add that is is highly recommend to use a WAF (Web Application Firewall). Reach out to your IT dept. if you have one. They'll shoot down any/all your ideas, but you might get someone who is willing to help.
2 Likes
Thank you for your reply @PGriffith .
Yes we are not exposing to wide open internet, will try to use VPNs.
Thank you for your reply. @drojas .
You actually opened up a whole can of more issues. Port 8088 is not secure and you would be exposing your login credentials (or anyone else that you make log in to your application) to the internet. Port 8043 and Force Secure Redirect.
And set up an SSL certificate.
1 Like
Those are terrible instructions. The initial connection to the gateway web interface should be via localhost:8088, or via a private address for your cloud instance (via VPN). Only after your gateway is configured for SSL and only SSL should you attach and use a public IP address.
1 Like