Siemens SIMATIC S7-1200 System Manual page 1006

Hide thumbs Also See for SIMATIC S7-1200:

Table of Contents

12.2 Configuring Web server users

If you have set a user-defined Web page to be the entry page (Page 1058) for the Web

server, the Everybody user must have the "Open user-defined web pages" privilege.

Access to Web server

Granting privileges to the "Everybody" user makes it possible to log in to the Web server

with no password. Unauthorized access to the CPU or changing PLC variables to invalid

values could disrupt process operation and could result in death, severe personal injury

and/or property damage.

Because the "Everybody" user when granted sufficient privileges can perform operating

mode changes, writes to PLC data, and firmware updates with no password, Siemens

recommends that you observe the following security practices

• Enable access to the Web server only with the HTTPS protocol.

• Password-protect Web server user IDs with a strong password. Strong passwords are at

• Do not extend the default minimum privileges of the "Everybody" user.

• Perform error-checking and range-checking on your variables in your program logic

• Use a secure Virtual Private Network (VPN) to connect to the S7-1200 PLC Web server

least ten characters in length, mix letters, numbers, and special characters, are not

words that can be found in a dictionary, and are not names or identifiers that can be

derived from personal information. Keep the password secret and change it frequently.

because Web page users can change PLC variables to invalid values.

from a location outside your protected network.

S7-1200 Programmable controller

System Manual, V4.2, 09/2016, A5E02486680-AK