Opened 3 years ago

Closed 3 years ago

#414 closed enhancement (invalid)

Secure Webpage of Non-LuCI Application

Reported by: alphasparc@… Owned by:
Priority: minor Milestone:
Component: LuCI Applications Keywords:
Cc:

Description

Currently if uShare/Transmission is enabled you can navigate to it without any password.
Logically speaking all the configuration pages should be secured.
Is it possible to force all the webpages to go through LuCI authentication before proceeding?

Change History (2)

comment:1 Changed 3 years ago by jow

This depends. If transmission uses its own webserver then there is not much that can be done about in LuCI. If the transmission ui is served by uhttpd you could setup an authentication realm: http://wiki.openwrt.org/doc/uci/uhttpd#basic.authentication.httpd.conf

comment:2 Changed 3 years ago by soma

  • Resolution set to invalid
  • Status changed from new to closed

Yes, it uses its own webserver. If you want to secure it you have to enable RPC authentication in transmission config and set a user and password.

Note: See TracTickets for help on using tickets.