[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4326: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3501)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4328: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3501)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4329: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3501)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4330: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3501)
forum.wdlxtv.com • Secure Webend?
Page 1 of 1

Secure Webend?

PostPosted: Wed Aug 19, 2015 12:13 am
by rhough01
Hi

I've just upgraded to 0.5.1.1 / 0.5.2.2 and have started to use rTorrent for the first time via a private tracker. Nice handy feature.

I have changed the webend default password, and can happily access the little box from outside my router.

Is there a way to make the login go via HTTPS rather than HTTP to encrypt this password?

I know WDLXTV wasn't designed to have external access, but it would be handy to access it now and again in a more secure environment.

On another note, I seem to be having difficulty changing the webend password a second time. It kept my old (non default) one from before the firmware upgrade, but every time I change it and reboots - it doesn't "stick"

Thanks

Re: Secure Webend?

PostPosted: Thu Aug 20, 2015 4:40 am
by mad_ady
I don't know about passwords not sticking, but in theory you can configure the apache server to start on 443 with HTTPS. However, you'll need to manually edit apache's config file (which is in the read only part of the firmware) and override the original file. It's doable, but you need to understand what you're doing... :)

Here's a more secure alternative - use ssh to connect from the internet and tunnel port 80 through ssh.

Re: Secure Webend?

PostPosted: Thu Aug 20, 2015 7:48 am
by rhough01
Thanks for taking the time to reply. I'm not not going near the firmware. You got me at "need to know what you are doing".... :D

I will look at the tunnel through SSH instead.

I was planning on building an OpenVPN box on a raspberry pi soon - might be another way to keep things secure?

Cheers!

Re: Secure Webend?

PostPosted: Thu Aug 20, 2015 10:18 pm
by mad_ady

Re: Secure Webend?

PostPosted: Mon Aug 24, 2015 11:03 pm
by rhough01
Excellent. Thanks again, I will give this a try