Ticket #414 (closed enhancement: invalid)

Opened 2 years ago

Last modified 2 years ago

Secure Webpage of Non-LuCI Application

Reported by: alphasparc@… Owned by:
Priority: minor Milestone:
Component: LuCI Applications Keywords:
Cc:

Description

Currently if uShare/Transmission is enabled you can navigate to it without any password.
Logically speaking all the configuration pages should be secured.
Is it possible to force all the webpages to go through LuCI authentication before proceeding?

Change History

Changed 2 years ago by jow

This depends. If transmission uses its own webserver then there is not much that can be done about in LuCI. If the transmission ui is served by uhttpd you could setup an authentication realm:  http://wiki.openwrt.org/doc/uci/uhttpd#basic.authentication.httpd.conf

Changed 2 years ago by soma

  • status changed from new to closed
  • resolution set to invalid

Yes, it uses its own webserver. If you want to secure it you have to enable RPC authentication in transmission config and set a user and password.

Note: See TracTickets for help on using tickets.