Hi Not sure if this is the correct page for this but I stumbled across this.
If you search google for “ConnectWise Control Remote Support Software”
Google has indexed lots of sceenconnect portals, a lot of which are running none HTTPS.
-
I advise if you are using screenconnect that the login page is only accessible for the countries you require it or just accessible internally if possible.
-
Rename the default “ConnectWise Control Remote Support Software” to something else so its not so easy to scrape these on google.
-
Not sure if its possible to have the guest portal show to allows users to login but completely block the login page from being exposed to the outside world.
-
Use some sort of GeoIP blocking for the HTTPS page if you dont have clients in said countries.
I think its alarming how many screenconnect/connectwise users that are out there with no HTTPS on the pages. Being such an old and popular product. A lot of people must have done the set it and forget it attitude.