OpenWISP is a central controller for routers/APs; compromise can affect large fleets.
¶ Controller and API Security
- Restrict admin/API access to management networks via firewall rules
- Enforce RBAC - Use organization-based permissions and role separation
- Enable HTTPS - Always use TLS termination (reverse proxy recommended)
- Protect API tokens - Rotate device credentials and API keys regularly
- Session management - Configure session timeouts in Django settings
¶ Device Trust and Provisioning
- Secure onboarding - Use device certificates for authentication
- Validate firmware - Only deploy signed firmware images
- NetJSON over HTTPS - Encrypt all device-controller communication
- Audit config pushes - Review configuration change history
- Rollback capability - Keep previous known-good configurations
- Strong passwords - Use complex passwords for PostgreSQL
- Network isolation - Database should only be accessible from OpenWISP containers
- Regular backups - Encrypt and securely store database backups
- Access logging - Monitor database access patterns
- Non-root containers - Run containers with minimal privileges
- Read-only volumes - Mount static assets as read-only where possible
- Network segmentation - Use Docker networks to isolate services
- Regular updates - Keep base images updated