Password protected?

Functionality and usage of the OpenNethome Server
Post Reply
Stigern
Posts: 4
Joined: Tue Oct 20, 2015 6:52 pm

Password protected?

Post by Stigern »

Is there a way to make the server more secure?
Password/username login?
stefangsbb
Site Admin
Posts: 313
Joined: Sun Nov 30, 2014 2:16 pm

Re: Password protected?

Post by stefangsbb »

I have actually chosen not to include any security/login features in the application, because it is quite difficult to make sure it is really secure. It is possible to use for example apache httpd in front of the application to add login for access.
Stigern
Posts: 4
Joined: Tue Oct 20, 2015 6:52 pm

Re: Password protected?

Post by Stigern »

Ok, I'm sorry but could you explain a littlebit more how? :?:
mara
Posts: 3
Joined: Thu Oct 22, 2015 6:18 pm

Re: Password protected?

Post by mara »

Here is how I did password protection and reverse proxy to opennethome jetty with nginx:

- install nginx:
sudo apt-get install nginx
sudo /etc/init.d/nginx start

- add http authentication (https://www.digitalocean.com/community/ ... untu-12-10):
sudo apt-get install apache2-utils
- create user "example" and set password
sudo htpasswd -c /etc/nginx/.htpasswd example

- edit nginx conf
sudo emacs /etc/nginx/sites-available/default
- add these lines after "server {..."
auth_basic "Restricted"; #For Basic Auth
auth_basic_user_file /etc/nginx/.htpasswd; #For Basic Auth

- reload your nginx and check that your password protection is working at http://yourhost:80:
sudo /etc/init.d/nginx reload

- Jetty proxy (http://stackoverflow.com/questions/2073 ... y-to-jetty)
sudo emacs /etc/nginx/sites-available/default
- change "location / {" section to this:
location / {
proxy_pass http://127.0.0.1:8020;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}

Please note that this adds password protection to nginx port 80 only. You can still access jetty server from port 8020.

And this is just a basic setup. Adding more security to nginx is another story :)
stefangsbb
Site Admin
Posts: 313
Joined: Sun Nov 30, 2014 2:16 pm

Re: Password protected?

Post by stefangsbb »

Stigern wrote:Ok, I'm sorry but could you explain a littlebit more how? :?:
Sorry, I guess that explanation was kind of compressed. What I meant was that it is possible to use a standard WEB-Server (like apache httpd or nginx) and configure that to use authentication and configure it to pass the requests on to OpenNetHome. You would for example open up port 80 in your router, and configure nginx to listen to that port and use authentication, and then pass on the traffic to port 8020 where OpenNetHome is listening.

All this does however require quite some knowledge in web server configuration. In Linux, installing the web servers is quite easy, in Windows it is a bit more work, but not much. Look at mara:s excellent description to see how it is done for nginx on Linux.
stefangsbb
Site Admin
Posts: 313
Joined: Sun Nov 30, 2014 2:16 pm

Re: Password protected?

Post by stefangsbb »

Thanks a lot mara for this excellent guide on how to set up password protection!
Stigern
Posts: 4
Joined: Tue Oct 20, 2015 6:52 pm

Re: Password protected?

Post by Stigern »

Thanks! :D
obiwan
Posts: 2
Joined: Tue Dec 12, 2017 7:27 am

Re: Password protected?

Post by obiwan »

Works great, thanks!

Now on to add HTTPS :)
Dm86
Posts: 6
Joined: Sat Dec 30, 2017 9:27 am

Re: Password protected?

Post by Dm86 »

Can I use another port than 80? I have an public web page on another raspberry pi so I would like to use 85 (or something) to do port forward to the RPI with NetHomeServer. Can I still use the script above to add password protection or do I need to do some modifications?
Post Reply