[script] Disable HTTP

Hi there

Wrote simple script to enable/disable port 80 on your router.

GitHub page

Version 2

#!/bin/bash

function process_action {
    echo "What would you like to do?"
    echo "Enter 'e' for enable port 80, 'd' for disable port 80, or 'r' for redirect from port 80 to 443."
    echo "Please note: Enter the option exactly as shown above."

    read action

    case $action in
        e|E)
            echo "Enabling HTTP access to the router"
            sed -i 's/#listen 80;/listen 80;/g' /etc/nginx/conf.d/gl.conf
            sed -i 's/#listen \[::\]:80;/listen \[::\]:80;/g' /etc/nginx/conf.d/gl.conf
            ;;
        d|D)
            echo "Disabling HTTP access to the router"
            sed -i 's/listen 80;/#listen 80;/g' /etc/nginx/conf.d/gl.conf
            sed -i 's/listen \[::\]:80;/#listen \[::\]:80;/g' /etc/nginx/conf.d/gl.conf
            ;;
        r|R)
            echo "WARNING: The redirect feature is untested and should be used at your own risk."
            read -p "Are you sure you want to proceed with setting up redirection from port 80 to 443? (y/n): " confirm
            if [[ $confirm =~ ^[Yy]$ ]]; then
                echo "Setting up redirection from port 80 to 443"
                if grep -q "return 301 https://\$host\$request_uri;" /etc/nginx/conf.d/gl.conf; then
                    cat <<EOF >> /etc/nginx/conf.d/gl.conf

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    server_name _;

    return 301 https://\$host\$request_uri;
}

EOF
                else
                    echo "Redirection already set up."
                fi
            else
                echo "Redirect setup cancelled. Please choose another option."
                process_action
            fi
            ;;
        *)
            echo "Invalid option. Please enter 'e', 'd', or 'r' exactly as shown above."
            process_action
            ;;
    esac

    echo "Restarting nginx"
    /etc/init.d/nginx restart
    exit 0
}

process_action

#!/bin/bash

echo "Do you want to enable or disable port 80?"
echo "Enter 'enable' to enable port 80 or 'disable' to disable port 80."
read action

if [ "$action" == "enable" ]; then
    echo "Enabling HTTP access to the router"
    sed -i 's/#listen 80;/listen 80;/g' /etc/nginx/conf.d/gl.conf
    sed -i 's/#listen \[::\]:80;/listen \[::\]:80;/g' /etc/nginx/conf.d/gl.conf
elif [ "$action" == "disable" ]; then
    echo "Disabling HTTP access to the router"
    sed -i 's/listen 80;/#listen 80;/g' /etc/nginx/conf.d/gl.conf
    sed -i 's/listen \[::\]:80;/#listen \[::\]:80;/g' /etc/nginx/conf.d/gl.conf
else
    echo "Invalid option. Please enter 'enable' or 'disable'."
    exit 1
fi

echo "Restarting nginx"
/etc/init.d/nginx restart

How to use it?

Run this commands on your host machine (NOT router):

nano port_config.sh

Paste code from above (or use v1 if you want) and save file.

scp -O -r port_config.sh root@192.168.8.1:/tmp

Enter password

ssh root@192.168.8.1

Enter password again

cd /tmp

./port_config.sh

DOUBLE CHECK THAT HTTPS SUPPORTED BEFORE RUNNING THE SCRIPT

Just replace http:// to https:// in link. If Admin page works, you can run the script. If not, use its option to enable http again.

Why block http (80), if you could redirect?

server {
    listen 80 default_server;

    server_name _;

    return 301 https://$host$request_uri;
}

I think this will be more user-friendly.

We should keep in mind that there are devices without https.
If I remember right some older routers like mango and shadow don't use https.

Mostly, browsers block http or have HTTPS only mode (Firefox, Tor, Brave for example). So I think it is enough to just block.

But I modified script to include your idea

Added instructions to how to check and use. Thanks!

If someone have any suggestions to improve, don’t hesitate to write!

GitHub instead of the forum would be nice

I am thinking about this as I wrote many scripts. Maybe, next one will be uploaded there

UPD: @admon done