0

I have installed Ejabberd on our AWS server.

We are developing an iOS messenger app and we don't want other clients to access our messaging server other than our iOS app.

All the ejabberd services should be accessible only by our iOS app:

  1. To register
  2. To login
  3. To send message and use any other service.

What are all the configurations and settings I have to apply to secure our server?

gvm

2 Answers

1

There is no 100% way to prevent other clients from mimicking your own client. You may use a different protocol, or one more layer of encryption, or special marks that allow your server to make sure that the client is yours. But if someone has the desire to write his own client, he'll use your own client to understand what should be sent on the wire.

Dmitry Belyaev
  • Can you brief me or give me some helpful links about "one more layer of encryption" and "special marks"? – gvm Jul 09 '13 at 06:15
  • You can have your client supply special values while negotiating the stream, for example a build number. The server knows which build numbers are allowed to connect to it and, for example, which encryption key is used to encrypt or sign data. When data comes, the server decrypts it or checks that the data was signed properly and understands that the client was genuine. This makes a standard client unable to operate with your server. And if you get an alien client mimicking yours, just update that secret key in a new client, make users update from the old one and ban that old build. That's not easy though. – Dmitry Belyaev Jul 09 '13 at 07:27
  • Great, where should I validate the signed data? I mean, where can I read it? Do I have to know Erlang to do this, or can it be done with PHP? – gvm Jul 10 '13 at 09:51
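The build-number-plus-signature check described in the comments above, sketched in Python as an added example (it is not code from the answer or from ejabberd). The key table, function names, the per-stream nonce used to stop replays, and the choice of HMAC-SHA256 are all assumptions; how the values travel inside the XMPP stream is not shown.

```python
import hashlib
import hmac
import secrets

# Constructed per-build secrets; in practice each is random and shipped
# inside one app build (all names and values here are hypothetical).
BUILD_KEYS = {
    "100": b"constructed-secret-for-build-100",
    "101": b"constructed-secret-for-build-101",
}
BANNED_BUILDS = set()


def new_challenge() -> str:
    """Server side: fresh random nonce sent to the client for each stream."""
    return secrets.token_hex(16)


def sign(build: str, key: bytes, nonce: str, jid: str) -> str:
    """Client side: HMAC-SHA256 over build number, nonce and JID."""
    msg = "\n".join((build, nonce, jid)).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def verify(build: str, nonce: str, jid: str, tag: str, issued: set) -> bool:
    """Server side: accept only a known, unbanned build with a valid tag."""
    if nonce not in issued:           # never issued or already used: replay
        return False
    issued.discard(nonce)             # a nonce is valid exactly once
    key = BUILD_KEYS.get(build)
    if key is None or build in BANNED_BUILDS:
        return False
    expected = sign(build, key, nonce, jid)
    # Constant-time comparison on bytes, so odd input cannot raise or leak.
    return hmac.compare_digest(expected.encode(), tag.encode())


def ban_build(build: str) -> None:
    """Retire a build whose secret has been extracted from the app."""
    BANNED_BUILDS.add(build)
```

As the answer notes, the secret ships inside the client, so this only raises the cost of mimicry; `ban_build` models the "update the key and ban the old build" step.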
1

XMPP is built on top of TCP, so there is no good way of restricting access to the server socket. If you want to be compliant with XMPP you need to use encryption; otherwise use your own custom protocol (like Skype).

user425720