Skip to main content

System Settings

Network settings

💡
Required user level: Owner

Go to System Settings > Network

Networking

SOS can be accessed through the network with a web browser. Accessing SOS through the network is enabled by default but can be disabled by unchecking Enable Networking.

Disabling networking will make SOS only accessible on the computer running the software via localhost.

Address

The SOS Address is set by default to the Private IP Address assigned to the computer by the local network. You can access SOS from any device on the network by entering your Private IP Address into a web browser.

Custom Domain

You can setup your SOS software to use a custom domain. If you do not have a domain, you can get one from domains.kolkin.com.

To use a custom domain, enter your domain or subdomain into the Custom SOS Address field. SOS will display the domain address throughout the app and use it to make links.

Note: This alone is not enough to use a domain. You also need to point the DNS of your domain to the Public IP Address of the computer or VM running SOS.

Network Security (HTTPS)

HTTPS can be enabled for SOS by checking Enable Transport Layer Security (TLS/SSL) and uploading valid TLS/SSL certificate files. This allows encrypted connections to SOS from web browsers.

When enabled, SOS forwards all HTTP connections to HTTPS (Port 80 to 443).

SOS expects certificates in PEM format.

Certificate Creation Tools

Self-Signed Certificate
To enable HTTPS immediately, use the Create Self Signed Certificate button to generate your own self-signed Private Key and Certificate files. This method is secure but may cause warnings in web browsers.

Certificate Signing Request (CSR)
SOS has a build in tool for creating a secure Private Key and CSR. A CSR is required by a Certificate Authority to issue a valid SSL Certificate for your domain.

Let's Encrypt – (Free SSL)
SOS offers free valid SSL Certificates though Let's Encrypt. Learn more about the SOS Let's Encrypt feature.

Access Control List (ACL)

Scroll to the bottom of the Network tab to see the Access Control List settings. Enabling the Access Control List (ACL) will limit access SOS to specific IP Address ranges. 

The default entry if left blank is 0.0.0.0/0 which allows all traffic. Multiple IP Address entries and ranges can be listed in the ACL.

The subnet mask is expressed using CIDR notation to indicate the fixed portion of the network.

Simple examples:

0.0.0.0/0 allows all traffic
116.0.0.0/8 allows traffic from IP addresses matching 116.x.x.x (16 million IP addresses)
8.215.0.0/16 allows traffic from IP addresses matching 8.215.x.x (65,000 IP addresses)
4.16.20.0/24 allows traffic from IP addresses matching 4.16.20.x (256 IP addresses)
3.17.243.95/32 allows only this exact IP address