Exposed Admin Interfaces

I didn’t know about exposed admin interfaces before these scans from threatview (which flagged it) I don’t know how to address this myself, anyone have any advice?

It would be best to speak to whomever manages your website and ask them to lock down the Admin interfaces so that only known and previously configured network addresses can connect, meaning those pages are no longer exposed to the internet.


I’ve now spoken to my developer and they’ve told me that they can’t lock it down to specific IP addresses as they access it from different IPs, they said they’ll think of some other solutions

Well you could ask them to insure that those that can connect to the admin interfaces use longer and more complex passwords which adds another layer of protection as does multi-factor authentication and maybe even changing the URL/location to something difficult to guess.


Thank you! I will make those suggestions to the team