Configuring Remote Settings
The remote settings page allows the administrator to configure web administration access, and remote Application Programming Interface (API) access to Cerberus FTP Server. Cerberus allows remote access to the server administrator using a web browser, and by the normal Cerberus FTP Server Graphical User Interface (GUI) when running in Windows Service mode.
For software developers, Cerberus exposes several APIs for controlling all aspects of the server using SOAP web services.
SOAP Administration Settings
The remote access settings control HTTP and HTTPS web administration, as well as SOAP API access to Cerberus FTP Server.
When Cerberus is running as a Windows Service, the GUI connects to and communicates with, the Cerberus Windows Service through a remote access API called SOAP. The Cerberus Windows Service listens for SOAP connections on the Port specified under the Remote Settings page. That port must be available for Cerberus to listen on, or the GUI will be unable to connect to the service.
|HTTP Port||The port that the SOAP service and web administration pages will be served from.|
|Use Secure HTTP (HTTPS)||Select this option to allow only secure HTTPS connections for the web administration and SOAP access. A restart of the underlying Cerberus FTP Server Windows Service is required after changing this parameter.|
|Allow Remote SOAP Access||Enable SOAP-based remote access. SOAP is an API for connecting programmatically to the server. When this setting is enabled, applications can make SOAP calls to the server from outside the local machine (subject to authentication).
NOTE: Local SOAP access is always enabled. The Cerberus UI requires SOAP access to enable communication between the UI and the underlying Cerberus Windows Service.
Advanced SOAP Settings
You can control what SSL protocols are supported, as well as what ciphers to allow for SOAP-based SSL connections. Changes to these settings require a service restart.
There is always a primary admin account, with full permissions to all server functions. The primary admin account is highlighted in green lettering in the administrator list.
|Primary Admin Username||The username used to access the web administration page. This username is also used for basic authentication when using the SOAP web services API to access the server.|
|Primary Admin Password||The password used to access the web administration page. This password is also used for basic authentication when using the SOAP web services API to access the server.
NOTE: This is also the username and password used when accessing Cerberus as a Windows Service from the Cerberus GUI. Normally, administrators won’t be prompted for this password and the GUI will automatically connect to the service whenever it is started.
The administrator can also control the server through web administration. The web administration feature has nearly the same capabilities as the desktop user interface. Most server functions can be controlled through web administration. We will be adding more features with every minor release until web administration mirrors the local graphical user interface.
Web administration and SOAP access no longer share the same protocol and port for access.
Previous releases of Cerberus FTP Server used the same HTTP/S engine to provide web administration and SOAP API access.
In version 9.0 we switched web administration to the custom HTTPS engine we’ve been using for years for our HTTPS web client. The new HTTPS engine is fast, flexible, and secure.
SOAP remote administration runs on the same port and in the same way that it always has. Nothing has changed for SOAP access.
Web administration will simply require adding a new HTTPS Admin or HTTP Admin listener on any IP and port you wish to enable web administration on again. It will have to be on a different port than SOAP access now.
To add a new HTTPS web admin listener:
- Open the Server Manager.
- Select the Interfaces page.
- Press the plus button to add a new listener. The Add New Listener dialog will appear.
- Select the IP address you want the web administration listener to be on.
- Select either HTTPS Admin or HTTP Admin as the listener type to add a new listener on the selected IP address using either HTTPS or HTTP.
- Press the Add button to add the new listener.
- Press the Save button on the Server Manager to save the new addition and activate the listener.
Secondary Web Administration Accounts
You can also assign additional web administration users, and limit their access to different aspects of the server like user management, reporting, etc.
Secondary web administration users can be managed on the Remote page.
Please note that secondary web administration users cannot access the SOAP API. Only the primary admin user can use the SOAP API at this time.