#620 Excludes for mandatory c2s encryption

Reporter Martin Sebald
Owner Nobody
Created
Updated
Stars ★ (1)
Tags
  • Type-Enhancement
  • Status-New
  • Priority-Medium
  1. Martin Sebald on

    I'm running three phpBB 3.1 forums for different projects. phpBB can use Jabber for notifications (instead or in addition to email) and users like to use it. Unfortunally the implementation of Jabber into phpBB only supports unencrypted connections or SSL connections. No TLS is supported. And with phpBB 3.1 even SSL does not work anymore. No idea why. As there are a lot of "special" clients like phpBB I would like to request a module which allows Prosody admins to set a list of client IPs which are allowed to connect withouth using the mandatory c2s encryption which is also set on our server. This would really help phpBB admins and also admins of other Jabber clients which have some issues. So that would be a great impact and would not affect security in a way which is relevant.

  2. Zash on

    Hi! You don't mention if you run both these services on the same machine. If you do, or if you can set up eg a VPN connection between them then this module might help: http://modules.prosody.im/mod_secure_interfaces.html

  3. Martin Sebald on

    Unfortunally the services run on different machines. MattJ already pointed me to mod_secure_interfaces - which in my case does not help. But as normal for servers, the IPs are fixed and not dynamic. A module which allows a certain white list of IPs (IPv4 and IPv6) to connect without encryption would be really helpful.

New comment

Not published. Used for spam prevention and optional update notifications.