Urgent security message for all NG/MF customers

Choose your language

Choose your login

Contact us

Help Center menu


PaperCut NG & PaperCut MF Manual


Enforce HTTPS communication

You can connect to PaperCut NG/MF using either HTTP or HTTPS, however, you can enforce the use of HTTPS in one of the following ways:

  • Redirect to HTTPS/SSL if available—Redirect HTTP connections to HTTPS. The redirect is performed every time a user attempts to access PaperCut via HTTP, which can allow some vulnerability around man-in-the-middle attacks.

  • Use HTTP Strict Transport Security (HSTS)—HSTS instructs the browser to only connect via HTTPS and not HTTP for a configured timeout period. The redirect is performed only once in the timeout period when the user first logs in rather than every time the interface is accessed. This minimizes the chance of man-in-the-middle attacks.

To enforce HTTPS communication:

  1. Test the connection to PaperCut NG/MF on port 443:

    1. In a browser, connect to https://<Application Server address>.

    2. Check that the URL does not include “:9192” at the end.

  2. Select Options > Advanced. The Advanced page is displayed.

  3. In the Security area:

    1. Select the Redirect to HTTPS/SSL if available check box.

    2. If you want to connect using HSTS, select the Use HTTP Strict Transport Security check box.

  4. Click Apply.

  5. Restart the Application Server. (See Stop and start the Application Server).

  6. Perform a test print job to test all MFDs/printers to ensure they can still submit information to the Application Server.