HTTPS Isue
furure-software opened this issue · 6 comments
I have the beef script included in a website, but the counsel outputs an error saying that the requested script is insecure. Any help?
Modern web browsers refuse to load JavaScript resources on HTTPS pages from HTTP sources. As such, you will need to either enable HTTPS or host BeEF behind a HTTPS reverse proxy.
Note that if you enable HTTPS you must use a valid certificate signed by a trusted certificate authority. Self-signed certificates are not trusted. Web browsers will not connect.
Modern web browsers refuse to load JavaScript resources on HTTPS pages from HTTP sources. As such, you will need to either enable HTTPS or host BeEF behind a HTTPS reverse proxy.
Note that if you enable HTTPS you must use a valid certificate signed by a trusted certificate authority. Self-signed certificates are not trusted. Web browsers will not connect.
Hi, thanks! So if I just set https to true on config.yaml it will work as https?
Hi, thanks! So if I just set https to true on config.yaml it will work as https?
That will enable HTTPS using the default self-signed certificate. Browsers won't trust this certificate. You will need to use a trusted certificate. Alternatively, host BeEF behind a HTTPS front end reverse proxy and set the appropriate public host/port: https://github.com/beefproject/beef/wiki/FAQ#can-i-use-a-domain-name-instead-of-ip-address-for-the-beef-hook
Hi, thanks! So if I just set https to true on config.yaml it will work as https?
That will enable HTTPS using the default self-signed certificate. Browsers won't trust this certificate. You will need to use a trusted certificate. Alternatively, host BeEF behind a HTTPS front end reverse proxy and set the appropriate public host/port: https://github.com/beefproject/beef/wiki/FAQ#can-i-use-a-domain-name-instead-of-ip-address-for-the-beef-hook
Ok, awsome! Do you know how I can get a trusted certificate?
This issue as been marked as stale due to inactivity and will be closed in 7 days
Please join the BeEF discord to discuss this issue. Someone there might be able to help https://discord.gg/ugmKmHarKc*