[Mikhail]

Hello,
Could you clarify the question and provide an example screenshot?

[Mikhail]

The Communicator application successfully connects to Server. However, the web app cannot connect.
Please copy what is written in Webstation log, ScadaWeb.log?

[Mikhail]

Hello,
Do you use Linux?
Please open the Administrator application, open the HelloWorld project and check the log file of the Webstation application.
Or just find logs in the file system and check ScadaWeb.log.

[Mikhail]

Note that you can find similar security reports for any well known SCADA software. Since Rapid SCADA is open source, its internal structure has been tested by many professional developers and we respond to their feedback.

There are many Rapid SCADA instances available on the Internet that work reliably for many years.

[Mikhail]

What you should do to protect the system:
1. Follow the safety recommendations.

2. Restrict access to your project. It’s recommended to store project on GIT in private repository. It helps to control any changes made in the project.
If an attacker changed your project, he could access the server’s filesystem by read and write operations from the scripts. Also he could add hyperlinks to external resources on the schemes.

3. Restrict access to the production server. It’s obvious.
Use firewall.

4. If Rapid SCADA is hosted in the cloud, enable captcha and use Guard Plugin for additional security.

5. Use strong passwords in production environment. Change all default passwords.

6. Run Rapid SCADA services with lower privileges instead of system (root) user.

• This reply was modified 1 year, 11 months ago by Mikhail.
• This reply was modified 1 year, 11 months ago by Mikhail.

[Mikhail]

Hello,
We also checked those CISA reports some time ago. The above links does not contain steps to reproduce the issues, therefore I can answer in general.

In v6 the following security improvements were made:
1. Encrypt passwords in configuration files.
2. Store only password hash for user passwords.
3. Encrypt sensitive information in TCP application protocol.
4. Brute force protection.
5. The web app can redirect only to a local page on user login.
6. Use more secure default installation directory on Windows.

[Mikhail]

Restart SCADA-Server, then check ScadaServer.log. Copy start messages from the log here.

[Mikhail]

> Could not connect to server:BadHostUnknown
This error means that the computer where the OPC server is installed cannot be found by the client.

[Mikhail]

Hi,
When a PC starts, the services should start automatically. You can check the startup type of the services in the Services console.
Make sure that TCP port 10000 is not used by another application rather than SCADA-Server.

[Mikhail]

The web app does not show its status, therefore it’s written that it is not supported. To fix the issue, check log files of the applications.

[Mikhail]

Hi,
Using the Administrator application try the following:
1. Add a new custom archive in Configuration Database – Secondary Tables – Archives
2. Add the corresponding archive in Server – Archives, and configure the archive options.
3. Configure Chart Pro plugin to display data from your archive.

If something in the above sequence is not clear, be free to ask.

[Mikhail]

You should enable incoming TCP connections to the port 62541 in the firewall settings.

[Mikhail]

Hi,
Are there any errors in log files?
Rapid SCADA OPC UA server can be accessed remotely.

If you need to publish OPC DA data to MQTT, you can try a Communicator data source that uses the DrvDsMqtt driver.

[Mikhail]

Hi,

will you prepare new models for Version 6?

Please check this answer.

[Mikhail]

1. Open Server – Archives, create a new archive and configure its properties.
2. Open the Archives table and add the created archive to the table.
3. If you set the Default checkbox, you don’t need any changes in channels.
If the archive is not default, set the archive mask of the channel.

[Author]

Posts