is there a way to have the json rpc interface encrypted? or to have the “session”, “login” request encrypted so that the password for the router isn’t simply sent over as plaintext?
Could this be done by sending the POST requests over HTTPS instead of HTTP?
However, it should be noted that the router uses self-signed certificates, thus the most secure way to use JSON-RPC remotely is via a VPN tunnel.
It should be noted that HTTPS access must be enabled in System → Access Control in order for JSON-RPC to work via HTTPS.
Hope this helps!
