Secutity issues on the ws10 – NOVUS Web Server – WS10 User Manual

Web Server – WS10

NOVUS AUTOMATION

31/33

SECUTITY ISSUES ON THE WS10

TELNET ACCESS

Up to 2 authorized telnet users can be configured on the WS10. With factory settings, the WS10 has one configured telnet user (telnet/telnet).
Since the second user is not configured, a default user is also enabled, with user name and password tel. The telnet console can be disabled, but it
is not recommended since it is the main configuration tool for the WS10. To increase the security level, configure both telnet users.

Telnet configurations are located at the [TELNET] section of the system file CHIP.INI exemplified below:

[TELNET]
ENABLE=1
TIMEOUT=10
LOGINDELAY=0
LOGINRETRIES=3
USER0=TELNET
PASSWORD0=TELNET
USER1=SUPERVISOR
PASSWORD1=SUPER

The Telnet function is configured at the [TELNET] section. Only make changes to this section!
ENABLE: 1 to enable and 0 to disable the Telnet console.
TIMEOUT: Time in minutes of inactivity before the telnet connection be closed by the WS10.
LOGINDELAY: Enable progressive delay on the next login when an invalid username or password is submitted. 1 to
activate and 0 to deactivate this feature.
LOGINRETRIES: Maximum number of login retries before the WS10 closes the connection.
USER0 & PASSWORD0: First Telnet user and password. Up to 19 characters each.
USER1 & PASSWORD1: Second Telnet user and password. Up to 19 characters each. Always define the 2 users
to disable the default user and password.

FTP ACCESS

Up to 2 authorized FTP users can be configured on the WS10. With factory settings, the WS10 has one configured FTP user (ftp/ftp). Since the
second user is not configured, the anonymous ftp user is enabled. It is not recommended to disable the FTP server, since it is the only path to
access and change the configuration files. Always define the 2 FTP users to increase the security.

FTP configurations are located at the [FTP] section of the system file CHIP.INI, exemplified below:

[FTP]
ENABLE=1
TIMEOUT=300
LOGINDELAY=0
USER0=TELNET
PASSWORD0=TELNET
ACESSRIGHT0=0
USER1=SUPERVISOR
PASSWORD1=SUPER
ACESSRIGHT1=0

The FTP function is configured at the [FTP] section. Only make changes to this section!
ENABLE: 1 to enable and 0 to disable the FTP server.
TIMEOUT: Time in seconds of inactivity before the FTP connection be closed by the WS10.
LOGINDELAY: Enable progressive delay on the next login when an invalid username or password is submitted. 1 to
activate and 0 to deactivate this feature.
USER0, PASSWORD0 & ACCESSRIGHT0: First FTP user and password. Up to 19 characters each.
ACCESSRIGHT 0 allows read/write rights for the user, 1 allows read only rights.
USER1, PASSWORD1 & ACCESSRIGHT1: Defines the second FTP user. Always define the 2 users to disable the
default user and password.

HTML PAGE SERVER

Authentication to the served pages can be enabled at the [AUTH] section of the WEBS.CFG file. Additional configurations are located at the [WEB]
section of the system file CHIP.INI, exemplified below:

[WEB]
ENABLE=1
ROOTDIR=A:\WEB
HTTPPORT=80
USER0=WEB
PASSWORD0=WEB

The WEB function is configured at the [WEB] section. Only make changes to this section!.
ENABLE: 1 to enable or 0 to disable the WS10 page server service.
ROOTDIR: Defines the root folder of the web server files. All files located at this folder and its sub-folders are
accessible using the web browser.
HTTPPORT: HTTP listening port. Usually 80.
USER0 & PASSWORD0: User name and password to access the PUT method of transferring files to the server root
folder. Always define a user and password for this function.