Overview

We can enforce the use of SSL and encrypted communication in the Security settings of the configuration. This article serves as an information context after setting up an SSL certificate signing request. The article also describes the security features used in the Kerio Connect administration interface.

Information

• In the security policy, select Require encrypted connection.
• This redirects insecure HTTP connections to HTTPS otherwise, it rejects the connection (You can also think of it as a rewrite of HTTP to HTTPS, but in reality, it is a redirect)
  
  
  • NOTE: This setting does not impact SMTP to ensure mail delivery
    
    
  
  
  
• Another important security feature is the Login Guessing Protection.
• Any messaging system accepting SMTP or other protocols supporting authentication is susceptible to password guessing and brute force attacks.
• This feature, therefore, prevents password guessing by locking out the remote host after three failed login attempts within one minute.

Related article

Generating an SSL Certificate Signing Request in Kerio Connect