14.2 Network Configuration

Path: Port 9443 Appliance Console > Configuration icon > Network

Table 14-2 Using the Network (Port Redirection) dialog

Field, Option, or Button

Information and/or Action

Network (Communication Configuration) dialog

Network Support (Network Communication Configuration)

  • Port Redirection

  • Select this option to have Filr automatically redirect from ports 80 or 443 (which are the standard ports for Web browsers) to ports 8080 and 8443 (which are the default ports that Filr listens on). Enabling port redirection in this way allows users to specify the Filr site URL without including the port number. If port redirection is not enabled, users must include the port number in the site URL when accessing the Filr site.

IMPORTANT:When port redirection is enabled, ensure that the reverse proxy ports are set to 80 for the HTTP port and to 443 for the secure HTTP port. If they are not, URLs that are sent with Filr email notifications will continue to have the default port (8443) in them.

For information about how to change the reverse proxy ports, see Reverse Proxy Configuration Settings.

  • HTTP Port:

  • The default HTTP port is 8080. As a best practice, do not change this from the default port.

    • Select Enabled if you want to enable the HTTP port. By default, only the Secure HTTP port is enabled.

    • Select Force Secure Connection to force users to connect to Filr over a secure connection (HTTPS).

      See Port Numbers for more information about port numbers in Filr.

  • HTTPS Port:

  • HTTPS Port: The default secure HTTP port for Filr is 8443. As a best practice, do not change this from the default.

    See Port Numbers for more information about port numbers in Filr.

  • AJP Port:

  • If the AJP connector is listening on port 0.0.0.0, then to avoid the ghostcat vulnerability, a new attribute is added to the AJP Connector in the /opt/novell/filr/apache-tomcat/conf/server.xml file:

    • address="0.0.0.0"

    • secretRequired="true"

    • secret="changeit"

      The secret value should be changed to a complicated value and shared with reverse proxy.

  • For an explanation of the Apache JServ Protocol port, see The AJP Connector.

  • Session Timeout

  • By default, if the Admin Console session is idle for four hours (240 minutes), Filr logs the idle user out. For increased convenience to Filr users, you can make the session timeout interval longer. For increased security for your Filr site, you can make the session timeout shorter. The minimum value for this field is 20 (minutes).

  • This setting is not valid for the Web UI that is available in Filr 4.2 and later. The default session timeout for Web UI is 15 minutes and the token gets refreshed every 5 minutes. If you want to change these values, add the following parameters to the ssf-ext.properties file:

    • filr.token.expiration.interval=900

    • filr.token.refresh.window=300

    The filr.token.expiration.interval is the session expiry timeout and value is given in seconds. The value recommended is 900 (15 minutes -(15 X 60)).

    The filr.token.refresh.window is for token Refresh and value is specified in seconds. After this period of time, a new token is issued and it extends the session. The refresh timeout recommended is 300 (5 minutes - (5 X 60)).

  • Forward Proxy Host Name

No longer used.

  • Forward Proxy Port

No longer used.

  • Enable TLS v1.2 Protocol ONLY

No longer used. By default, Force Secure Connection is enabled.

OK button

  • Click this to save your changes, then click Reconfigure Filr Server.

    This stops and restarts your Filr server. Because this results in server downtime, you should restart the server during off-peak hours.

    Current user sessions are not affected. To see changes, users must log in to a new session.

Cancel button

  • Click this to cancel the changes you have made.