Accessing BlueIris via HTTPS

Overcon

Overcon

Getting the hang of it
Aug 6, 2014
196
31
Hi,

I just got BlueIris setup a while ago and I got it open through my Firewall to access it from around the world. The issue I am having is if there is a way to setup blueIris to only allow HTTPS connections to it's Web Server? Right now it is just normal old HTTP and packets can be captured and you can read the username and password (so I read here), but I don't see a means of enabling HTTPS except to talk to the cameras, which is not what I need (I use it when available, but I want to login to BlueIris via HTTPS).

Does anyone know how to set this up? Can it be done?

Thanks!
 
Welcome to the forum. From the BI help file..
"How to use HTTPS (SSL) with the Blue Iris web server
When you have selected Secure Only on the Options/Webserver page, you are presented with a Blue Iris login page instead of the browser's own username/password form. When this login page is used, your user name and password are NOT sent to the Blue Iris web server. A secure hash (encryption) is created from a combination of these credentials and a unique session key.While your authentication is securely protected by this mechanism, some users will want to know that the actual video itself is encrypted. This is only possible with the use of an add-on SSL (Secure Socket Layer) technology.We have recently discovered stunnel (www.stunnel.org) which you may install as a service onto your PC. Instead of configuring your router to forward traffic to Blue Iris, you would configure that traffic to go to stunnel, and then configure stunnel to then forward the traffic to the Blue Iris web server. For example, external port 443 (the standard HTTPS port) forwards to stunnel port 443, and stunnel forwards to Blue Iris on the same PC on port 80 or 81.
 
  • Like
Reactions: ItechashardasIcanbro, sspeed, NetWorker and 4 others
fenderman said:
Welcome to the forum. From the BI help file..
"How to use HTTPS (SSL) with the Blue Iris web server
When you have selected Secure Only on the Options/Webserver page, you are presented with a Blue Iris login page instead of the browser's own username/password form. When this login page is used, your user name and password are NOT sent to the Blue Iris web server. A secure hash (encryption) is created from a combination of these credentials and a unique session key.While your authentication is securely protected by this mechanism, some users will want to know that the actual video itself is encrypted. This is only possible with the use of an add-on SSL (Secure Socket Layer) technology.We have recently discovered stunnel (www.stunnel.org) which you may install as a service onto your PC. Instead of configuring your router to forward traffic to Blue Iris, you would configure that traffic to go to stunnel, and then configure stunnel to then forward the traffic to the Blue Iris web server. For example, external port 443 (the standard HTTPS port) forwards to stunnel port 443, and stunnel forwards to Blue Iris on the same PC on port 80 or 81.
Click to expand...

Thanks, that's perfect and releases a lot of worry I had opening it up to the world.
 
Mike said:
I know I'm bumping an old thread, but I wanted to link to this thread regarding Stunnel and running Blue Iris via https - http://www.ipcamtalk.com/showthread.php/2131-stunnel
Click to expand...

Hello, new to the forum but it looks like a great resource. I have been experimenting with ipcams and have downloaded the blue iris trial version, I have used other programs and have been able to access remotely via their server port forwarding etc.

I like blue iris and feel that it will meet my needs for a small home security system 4-5 cameras. I have a couple questions for you gurus:
1. As most people are, I am concerned with privacy etc. I know that blue iris offers https through stunnel, does this work well? I would be using it on a home computer that serves many purposes not just a server, and I want to make sure it won't open my computer to any security issues.

2. Is a vpn a better option? I have not seen any information on how to set up an on-line service vpn like tunnelbear etc. with blue iris, has anyone done this? If so, how does that work, i.e. do you set up the vpn from your computer to the on-line vpn and then to blue iris, or ??
Please let me know as I want my home computer to be secure as well as when I remotely view the cameras.
Thank you in advance!
 
  • Like
Reactions: DSE
@ipcamdude22 Welcome to the forum. The blue iris connection is secure even without the use of https however the video itself will not be encrypted unless https is used.
VPN is the most secure method. Tunnelbear is not the type of vpn your want. Those services are designed to let you browse anonymously. What you are looking for is a service that will allow you to remotely connect to your lan. Once setup, your phone will act as though its on your local network. You will only need the blue iris local ip address to connect. Many routers have this function. You can also use something like logmein's hamachi vpn.
 
fenderman said:
@ipcamdude22Welcome to the forum. The blue iris connection is secure even without the use of https however the video itself will not be encrypted unless https is used.
VPN is the most secure method. Tunnelbear is not the type of vpn your want. Those services are designed to let you browse anonymously. What you are looking for is a service that will allow you to remotely connect to your lan. Once setup, your phone will act as though its on your local network. You will only need the blue iris local ip address to connect. Many routers have this function. You can also use something like logmein's hamachi vpn.
Click to expand...

Thank you for the quick reply and welcome fenderman. I have a netgear wndr3700v4 and it does not support VPN to my knowledge. I know I can set one up on windows with PPTP. I would be accessing it remotely from time to time on my phone and tablet, any suggestions? How is the setup with hamachi, any cost to that one?
 
ipcamdude22 said:
Thank you for the quick reply and welcome fenderman. I have a netgear wndr3700v4 and it does not support VPN to my knowledge. I know I can set one up on windows with PPTP. I would be accessing it remotely from time to time on my phone and tablet, any suggestions? How is the setup with hamachi, any cost to that one?
Click to expand...
I believe hamachi has a 29 dollar yearly cost. Asus routers have vpn built in.
 
I would also suggest that you buy a dedicated pc to run blue iris. VMS software should not be run on a pc dedicated to other tasks.
 
ipcamdude22 said:
Ok I downloaded the manual and it looks there is afree service for up to five, also would. Laptop work to run bi?
Click to expand...
it depends on the laptop and the total number of cameras and the resolution you will run them. For most installs, a 300 dollar i5-haswell is sufficient (dell optiplex, hp elitedesk, see threads on those).
 
ipcamdude22 said:
Hello, new to the forum but it looks like a great resource. I have been experimenting with ipcams and have downloaded the blue iris trial version, I have used other programs and have been able to access remotely via their server port forwarding etc.

I like blue iris and feel that it will meet my needs for a small home security system 4-5 cameras. I have a couple questions for you gurus:
1. As most people are, I am concerned with privacy etc. I know that blue iris offers https through stunnel, does this work well? I would be using it on a home computer that serves many purposes not just a server, and I want to make sure it won't open my computer to any security issues.

2. Is a vpn a better option? I have not seen any information on how to set up an on-line service vpn like tunnelbear etc. with blue iris, has anyone done this? If so, how does that work, i.e. do you set up the vpn from your computer to the on-line vpn and then to blue iris, or ??
Please let me know as I want my home computer to be secure as well as when I remotely view the cameras.
Thank you in advance!
Click to expand...

I don't think there is an answer to you questions.
1. Your using a consumer router/access point, easily "hacked/back door
2. VPN's are the best option, but not necessary. Look into pfSense...
3. Home Surveillance works best when it is public. IE. Post stickers on windows, a nice signs outside.

http://pfsense.org/
 
wcrowder said:
I don't think there is an answer to you questions.
1. Your using a consumer router/access point, easily "hacked/back door
2. VPN's are the best option, but not necessary. Look into pfSense...
3. Home Surveillance works best when it is public. IE. Post stickers on windows, a nice signs outside.

http://pfsense.org/
Click to expand...
So if you are using the "secure only" and stunnel, do you think it is necessary to have a router that supports vpn as well or is that really not necessary?
Thanks
 
fenderman said:
@ipcamdude22Welcome to the forum. The blue iris connection is secure even without the use of https however the video itself will not be encrypted unless https is used.
VPN is the most secure method. Tunnelbear is not the type of vpn your want. Those services are designed to let you browse anonymously. What you are looking for is a service that will allow you to remotely connect to your lan. Once setup, your phone will act as though its on your local network. You will only need the blue iris local ip address to connect. Many routers have this function. You can also use something like logmein's hamachi vpn.
Click to expand...

If you had to your choice, which route would you go? What do you consider the ranking of these four options?

1. logmein hamachi
2. stunnel
3. router VPN
4. secure only MD5 hash

Thanks!
 
You must log in or register to reply here.
Top Bottom