Technical information
Network Security White Paper ver. G.1.2
Page 16 of 72
1-5-6 Recommended Precautions
The following are suggested precautions against threats to HTTP service.
Scenario 1: Basic security settings
Change the username and password from the default value to something difficult to guess and change
them regularly.
The username and password are the same as those used for logging in to mshell; therefore, changing
the username and password for Web Image Monitor’s Administrator mode means changing them for the
mshell as well.
Scenario 1: Standard security settings
Forward HTTP requests to HTTPS.
Whether all, some, or none of the HTTP requests received by the MFP are forwarded to HTTPS,
depends on the settings (Please refer to the Appendix section entitle “HTTP/HTTPS Settings”).
Scenario 2: High security policy
Close the HTTP port.
The HTTP port can be completely closed with mshell. In this case, both Web Image Monitor and IPP
(Internet Print Protocol) are unavailable via HTTP. However, Web Image Monitor and IPP printing are
still available via HTTPS.
Note: We recommend using HTTPS instead of HTTP whenever possible.
1-6 HTTPS
1-6-1 Function Overview
HTTPS is HTTP over SSL (Secure Socket Layer). HTTPS provides the same functions as HTTP.
HTTPS maintains higher security than HTTP because SSL provides the following features:
• Identity verification
• Data integrity verification
• Encryption potential threats and recommended precaution
1) Destruction, corruption or modification of the file system
The HTTPS service is designed to deny access to the file system and prevent executable files from
being run.
1-6-2 Theft of Username and Password
When using HTTPS, all data including the username and password is encrypted using an encryption
algorithm negotiated during the SSL handshake. This is safer than sending username and passwords
encoded in Base 64 (using the HTTP).