17.2. Access over Internet

Take extra care when SavaPage is accessible over public Internet, as a result of enabled Internet Print or explicit WAN to LAN routing, since authentication falls back to global defaults for User Authentication. At least make sure that access to the Admin Web App is solidly secured.

Internet access to each Web App can be restricted with configuration properties in the table below:

Configuration propertyDescription

webapp.internet.enable

Set to Y (default) or N to enable/disable Internet access for all Web Apps.

webapp.internet.*.enable

* = admin | jobtickets | mailtickets | payment | pos | printsite | user

Set to Y (default) or N to enable/disable Internet access for a specific Web App.

webapp.internet.*.auth-mode.enable

* = admin | jobtickets | mailtickets | payment | pos | printsite | user

Set to Y or N (default) to enable/disable webapp.internet.*.auth-modes for a specific Web App.

Note: if webapp.internet.admin.auth-mode.enable = Y, then user admin is not allowed to login to Admin WebApp via Internet.

webapp.internet.*.auth-modes

* = admin | jobtickets | mailtickets | payment | pos | printsite | user

A comma-separated list of authentication methods (name, email, id, nfc-local, yubikey, oauth) for a specific Web App. The first in the list is the default method.

Table 17.1. Web App Internet Access Configuration Properties


See Section 4.11.14, “Config Editor” on how to set these items.

Note

Exceptions to these generic restrictions can be configured by creating a Terminal Device for each trusted client IP address and configure Custom User Login methods.