
How secure is it to access the PRTG web interface with Firefox?

Votes:

0

I use the Mozilla Firefox web browser to connect to the PRTG web interface. Is it secure to access PRTG with Firefox? Are there cross-site scripting vulnerabilities that make XSS exploits possible?

firefox prtg reghack registry security xss

Created on Jun 30, 2016 3:56:31 PM by  Gerald Schoch [Paessler Support]

Last change on Sep 3, 2019 12:20:30 PM by  Maike Guba [Paessler Support]



1 Reply

Accepted Answer

Votes:

2

This article applies as of PRTG 22

XSS exploits in Firefox and PRTG security

PRTG comes with the highest security standards possible for monitoring tools and we are constantly improving and updating these standards (just look for "security" in the PRTG version history).

PRTG is also well protected against cross-site scripting (XSS) attacks. To eliminate this danger as far as possible, the PRTG web server removes all custom HTML parameters from HTTP requests that could potentially be used for XSS exploits. This XSS filter works on Google Chrome and Internet Explorer but Firefox still does not support the used HTTP header X-XSS-Protection (see Bug 528661 on Bugzilla@Mozilla).

This means that Firefox is potentially vulnerable to XSS exploits. For PRTG, these exploits are only possible if you click phishing links that contain malicious code, for example, in emails, and you are currently logged in to PRTG with Firefox. The best protection against XSS vulnerability is to never click suspicious links anywhere and to make sure that emails you receive from PRTG or Paessler AG are really coming from your PRTG core server or Paessler AG.

For security and performance reasons, we strongly recommend that you always use the latest version of Google Chrome to access the PRTG web interface.

Enhancing security for PRTG access with Firefox

If you want to minimize the risk of XSS exploits in Firefox, you can enhance security with a registry key option for PRTG. This option prevents custom HTML parameters from being loaded in PRTG. Note that if you set this option, the content of error pages in PRTG is no longer correctly displayed. Also, be aware that Firefox is not completely safe from XSS even then, so always watch out for phishing attempts.

Steps to take

Important notice: Back up your system before manipulating the Windows registry.
  1. Open the registry editor and go to the following subkey:
    1. On a 64-bit Windows system, go to HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Paessler\PRTG Network Monitor\Server\Core
    2. On a 32-bit Windows system, go to HKEY_LOCAL_MACHINE\SOFTWARE\Paessler\PRTG Network Monitor\Server\Core
  2. Create a new DWORD:
    1. In the current subkey, right-click to open the context menu.
    2. Select New | DWORD Value.
    3. Name the new value ForceReplaceParams.
  3. Set the value of ForceReplaceParams to 1:
    1. Right-click the DWORD ForceReplaceParams.
    2. Select Modify.
    3. In the value field, enter 1.
    4. Confirm with Ok.
  4. Restart the PRTG core server to activate the settings.

This registry key option removes custom HTML parameters when accessing the PRTG web interface and reduces the risks of XSS attacks. PRTG error pages are not correctly displayed if this option is enabled. Set the DWORD value to 0 to revert to default.
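The same steps, scripted for an elevated PowerShell prompt on the PRTG core server, as an added example that is not Paessler's own code. It picks the 32-bit or 64-bit subkey named above, exports the subkey as a backup first, sets ForceReplaceParams to 1 and restarts the core server; the Windows service name PRTGCoreService is an assumption, so check it against services.msc on your installation.

```powershell
#Requires -RunAsAdministrator
# Added example (not Paessler's code): apply the ForceReplaceParams hardening
# from the steps above. Assumption: the PRTG core server runs as the Windows
# service "PRTGCoreService"; adjust if your installation differs.

$valueName   = 'ForceReplaceParams'
$serviceName = 'PRTGCoreService'   # assumed service name

# Choose the subkey for the OS architecture; on 64-bit Windows the PRTG
# settings live under WOW6432Node, as in the manual steps above.
$keyPath = if ([Environment]::Is64BitOperatingSystem) {
    'HKLM:\SOFTWARE\WOW6432Node\Paessler\PRTG Network Monitor\Server\Core'
} else {
    'HKLM:\SOFTWARE\Paessler\PRTG Network Monitor\Server\Core'
}

if (-not (Test-Path $keyPath)) {
    throw "PRTG core subkey not found: $keyPath"
}

# Back up the subkey before touching it (reg.exe expects the HKLM\ form).
$backup = Join-Path $env:TEMP ('prtg-core-{0:yyyyMMdd-HHmmss}.reg' -f (Get-Date))
reg.exe export ($keyPath -replace '^HKLM:\\', 'HKLM\') $backup /y | Out-Null
Write-Host "Registry backup written to $backup"

# Create the DWORD or overwrite an existing one. A value of 0 reverts to the default.
New-ItemProperty -Path $keyPath -Name $valueName -PropertyType DWord -Value 1 -Force | Out-Null
$current = (Get-ItemProperty -Path $keyPath -Name $valueName).$valueName
if ($current -ne 1) {
    throw "Failed to set $valueName (current value: $current)"
}

# The option only takes effect after the core server has been restarted.
Restart-Service -Name $serviceName
Write-Host "$valueName = $current; $serviceName restarted."
```

To revert, run the same script with the value changed to 0, or import the exported .reg backup and restart the service again.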

Created on Jun 30, 2016 3:59:22 PM by  Gerald Schoch [Paessler Support]

Last change on Jan 4, 2023 2:37:12 PM by  Brandy Greger [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.