I need a help how to limit access to my graphs shared through webfig service
When I share access to my router before login I can see my graphics stats.
Is there any way to limit this information after login or switch off ?
change mikrotik web port and block it to outside or create firewall rule and give acsses only special addresses to accses…
No. You can’t do anything but restrict access to the interface or change the port.
You can specify one (and apparently only one) IP range that’s allowed access to the graphs on your interface rules / queue rules / resource rules
That’s the only granularity available to you as far as “allow webfig / deny graphs” capability.
Thanks for all advice’s.
I know that I can give different port to whole webfig and different for winbox app.
To be sure if I understand right webfig separation - is this possible to separate webfig access from webfig access/graphs on different ports ?
No.
You can do it with the built-in web proxy.
Enable the web proxy, redirect inbound tcp/80 connections to it and set access restrictions (for denying/granting access to graphs, use the path /graphs/) in the proxy.
This can be done for literally any address ranges.
Just tested it here and it works. When accessing http:///graphs you get a decent “Access Denied” message.
-Chris