Surprisingly many TP Link routers allow remote access from all IP’s, with the username and password “admin”. Turning this off is simple!
1. To find out if you are effected by this, click on the link in https://linuxthefish.net/ipcheck.php. If you can see a TP-LINK login box, you are effected by this.
2. Login with the username “admin”, and the password “admin”. Once you have done this, select System Tools, then Password.
Enter “admin” into the old username and password fields, then enter a SECURE username and password into the 3 boxes titled “New User Name”, “New Password” and “Confirm New Password”. Once you have done this, click Save.
3. Click Security, then Remote Management. From here, change the “Remote Management IP Address Box” to 0.0.0.0
4. Click Save, then Reboot if prompted. Once rebooted, click the link in https://linuxthefish.net/ipcheck.php. If you can’t reach the page, then your router is now secure.
Leaving router access open to the world should NOT be done, as it can be used for malicious purposes – most routers are miniature Linux PC’s, and support running custom programs!