One of the most frequent form of router attacks are directed towards the Web UI. Here are several things you can do to secure the Web UI of your Peplink / Pepwave router, all of which are accessible on your Web UI by navigating to System > Admin Security

1) Change Your Admin Password, Make Your Web UI accessible only from the LAN
For security reasons, after logging in to the web admin Interface for the first time, it is recommended to change the administrator password. Configuring the administration interface to be accessible only from the LAN can further improve system security.

2) Share a User Account, Keep an Admin Account
There are two types of user accounts available for accessing the web admin: admin and user. They represent two user levels: the admin level has full administration access, while the user level is read-only. The user level can access only the device’s status information; users cannot make any changes on the device.

3) Shorten your Web Session Logout Time
A web login session will be logged out automatically when it has been idle longer than the Web Session Timeout. The default value is 4 hours. If your router is protecting a particularly sensitive network, you can set this value lower to improve your router security.