First off, I really appriciate these routers. They’re small, open sourced and quite durable.
One thing that sits high on my list of things to change is to enable HTTPS for the dashboard and enforce HTTPS when downloading/updating packages and connecting to a vpn.
Could someone point me in the correct direction and or share some info on how to enable https for the dashboard and whatnot? Also, are there any suggestions to help secure this great little tool?
thanks for any time put forth on the topic and have a wonderful day.
This doesn’t seem to work on the GL-AR750S. Particularly, I noticed that the lighthttpd.conf file gets overwritten with its original contents, post-reboot. Even before rebooting, but after restarting lighthttpd, I couldn’t access the admin portal on https. I also tried changing the default port from 80 to 443.
Check /etc/init.d/lighttpd and remove the two lines with ‘cp’ command.
Then lighttpd.conf will not be overwritten. This is a bug in script actually. The router wants to ensure web server is up but it failed to check correct version
This is broken for me because it can’t load the OpenSSL module.
(plugin.c.229) dlopen() failed for: /usr/lib/lighttpd/mod_openssl.so Error loading shared library /usr/lib/lighttpd/mod_openssl.so: No such file or directory
The lighttpd SSL module opkg doesn’t seem to exist so I checked if SSL is compiled in:
root@GL-AR750S:/etc/lighttpd# lighttpd -v
lighttpd/1.4.48 (ssl) - a light and fast webserver
It is compiled in, but activating SSL gives the same error. I have libopenssl installed.
For GL-AR750S - Slate: It is all working like a charm
It is working almost out of the Box - https is up and running but not default
I did the following steps to make https the default:
Sorry to drag up an old thread but I was trying to add an SSL/HTTPS access to the dashboard of one of these handy routers - mine being GL-MT300N-V2,
I followed the above steps and the files where there after reboot but I got the following error when browsing to GL-MT300N-V2 dashboard
MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT
It seems as though the certificate is not accepted because it’s generated by itself?. Is there a way to get a recognized third party cert installed? I recently upgraded the firmware to 3.102 and see some new plugins like ACME (for issuing certificates)
Hello!
Can someone put a complete step by step on how to configure to access HTTPS
UI in AR750 & AR750S from scratch? I am having trouble getting it to work fine.
The “dagee71” solution doesn’t work for me.
I have 3.104 on AR-750S Firmware and 3.102 on AR750 .
Thank you!
Does the firmware update of gl router without https or its “only” the access to the admin menue on a unsecure way ? Because, the validatin methode of firmware are outdated too. See 750-3.100-1217, unsecure firmware validation check
So there is no easy (for non technical people) way to enable only https for the web admin panel? I mean easier than the instructions above, like maybe a toggle button in the admin panel.
By the way, is the web admin panel (192.168.8.1) accessible via wan also or only lan by default? If I am connected to the internet via ISP or VPN and access web admin panel with http, can ISP or VPN see the password I unput for the admin panel and for wifi?
Could anyone compile lighttpd-mod-redirect for FW 3.201 for Slate? This worked for me perfectly on the prev FW, but for the new one this package is not available…
I can login with https as well! I’d need lighttpd-mod-redirect, so that on attempts to login via the Web UI I’ll get redirected automatically to https, making http login impossible.
Tried to install the lighttpd-mod-redirect package from Openwrt 19.07, but that made the Web UI inaccessible, had to uninstall it via ssh - so we’d need the gl inet guys to compile it for FW 3.201 for AR750S. It IS available for Beryl…
Sorry to necro a thread, but are @dagee71 's instructions still the correct way to set up http redirects for the web interface? It seems to be working, but I get the error
sed: /etc/lighttpd/conf.d/10-port.conf: No such file or directory
when I restart lighttpd. Can this message be safely ignored? I’m using a Beryl with firmware 3.211. Thanks!