[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4326: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3501)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4328: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3501)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4329: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3501)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4330: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3501)
Secure Webend?
Sign up here and you can log into the forum!

Secure Webend?

General homebrew discussion area

Secure Webend?   

Postby rhough01 » Wed Aug 19, 2015 12:13 am

Hi

I've just upgraded to 0.5.1.1 / 0.5.2.2 and have started to use rTorrent for the first time via a private tracker. Nice handy feature.

I have changed the webend default password, and can happily access the little box from outside my router.

Is there a way to make the login go via HTTPS rather than HTTP to encrypt this password?

I know WDLXTV wasn't designed to have external access, but it would be handy to access it now and again in a more secure environment.

On another note, I seem to be having difficulty changing the webend password a second time. It kept my old (non default) one from before the firmware upgrade, but every time I change it and reboots - it doesn't "stick"

Thanks
rhough01
n00b
 
Posts: 6
Joined: Mon Oct 24, 2011 1:05 pm

Re: Secure Webend?   

Postby mad_ady » Thu Aug 20, 2015 4:40 am

I don't know about passwords not sticking, but in theory you can configure the apache server to start on 443 with HTTPS. However, you'll need to manually edit apache's config file (which is in the read only part of the firmware) and override the original file. It's doable, but you need to understand what you're doing... :)

Here's a more secure alternative - use ssh to connect from the internet and tunnel port 80 through ssh.
User avatar
mad_ady
Developer
 
Posts: 4575
Joined: Fri Nov 05, 2010 9:08 am
Location: Bucharest, Romania

Re: Secure Webend?   

Postby rhough01 » Thu Aug 20, 2015 7:48 am

Thanks for taking the time to reply. I'm not not going near the firmware. You got me at "need to know what you are doing".... :D

I will look at the tunnel through SSH instead.

I was planning on building an OpenVPN box on a raspberry pi soon - might be another way to keep things secure?

Cheers!
rhough01
n00b
 
Posts: 6
Joined: Mon Oct 24, 2011 1:05 pm

Re: Secure Webend?   

Postby mad_ady » Thu Aug 20, 2015 10:18 pm

User avatar
mad_ady
Developer
 
Posts: 4575
Joined: Fri Nov 05, 2010 9:08 am
Location: Bucharest, Romania

Re: Secure Webend?   

Postby rhough01 » Mon Aug 24, 2015 11:03 pm

Excellent. Thanks again, I will give this a try
rhough01
n00b
 
Posts: 6
Joined: Mon Oct 24, 2011 1:05 pm


Return to WDTV G2 & WDTV Live homebrew discussion

Who is online

Users browsing this forum: No registered users and 4 guests