Feature Suggestions

Perhaps there could be multiple log ins to the Apex and have the option to make one of them read only, so someone can get any data from the Apex and look through the programs even to see how things are set up, but they would be unable to make any changes.(including manual control, programming, and settings)

I think this would be a very good idea, though I am sure it isn't something that hasn't been considered before. Really hope to see this come with an updated firmware in the near future.

Total props though to Neptune for all the new stuff already coming out. I can't imagine that Neptune is a very large company, but they seem to be working actively on a lot of new stuff and are leaps and bounds above the competition already.
 
karlinkelly said:
With all the websites out there some of us are using to connect to/monitor our controllers, something really should be done about security to avoid the risk of someone tampering with our controller programming and potentially causing very costly damages.

Can we get SSL on the web interface? If this isn't added, the possibilty of someone grabbing our credentials to get into a controller is very high. At least setup a mechanism thats more secure than basic authentication - clear text over the wire. In fact, I would suggest that people not be too quick to share their apex username/password with any other site until this is done - it is a risk!
Click to expand...

As the operator of one of those third-party web sites - and a security-minded IT professional - I agree with you... to an extent.

Having helped dozens and dozens or controller owners get their controllers and routers configured for access from the Internet, I know that way too many folks don't want to bother changing the username and password. Consequently, I have a strict policy stated in my FAQ:

In the interest of security and safety of your aquarium, Reeftronics will not accept membership requests for controllers which have the default user name and password.

I have taken very specific precautions to prevent the compromise of the controller credentials stored on my web site. I know that Kenargo has done the same with his web site. I also encourage use of strong passwords. Frankly, I wish I didn't need Reeftronics members to provide credentials at all... but due to the architecture of the web server embedded in the AC3 and Apex, it is not possible to have some portions anonymously accessible (i.e. the XML data used by Reeftronics) and the rest protected.

I would like to see the Apex & AC3 require a change of username and password at first login. And I'd also like to see the ability to change the username & password via the web interface... it's rather cumbersome to do via the display.

Regarding SSL.... from one perspective, I agree with you. But one must understand that SSL can create a significant demand for precious CPU cycles in an embedded device. Also, self-signed certificates would be a real PITA for the many "less-than-technically-inclined" owners ;) And the alternative to a SS cert - a public CA - has its own share of gotchas.


Can we get a notification email whenever programming changes occur? I like this idea!
 
I have to agree, without SSL I cannot expose my APEX – way too many risks. However, I am considering the following solution a cheap Cisco VPN router and a soft client. Currently, I leave the IP blocked via my router. I will RDP back to my home network and open the port if needed. Sadly This requires my PC @ home to be on all the time
 
I don't think I've run across it in all my research so I'll post it here. Is there a possibility of adding a way to cycle your different status pages automatically? I already have a few pages set up the way I want but I have to physically scroll through the pages to keep on eye on the different readings.:beer:
 
cm11599ps said:
Is there a possibility of adding a way to cycle your different status pages automatically? I already have a few pages set up the way I want but I have to physically scroll through the pages to keep on eye on the different readings.:beer:
Click to expand...

I like it to stay still the way it is now. If they build that in I hope it is an option and not the way it always is.
 
Of course an option. For some people its pointless. If you're monitoring multiple tanks or probes it would be beneficial.
 
You must log in or register to reply here.

Similar threads

F
Profilux vs Apex
Replies
2
Views
687
kharmaguru
kharmaguru
andiserax
OCEANBERRY - The DIY aquarium controller
Replies
4
Views
4K
Misled
Misled
A
Space for equipment and Siphon use
Replies
1
Views
2K
Vinny Kreyling
Vinny Kreyling
F
My scalable battery backup with feed mode
Replies
0
Views
560
fe342185
F
slief
NEW Apex FMK Flow Monitoring kit with two 1/2” flow sensors & one 1” flow sensor
Replies
1
Views
737
slief
slief
Back
Top