WikiDevi.Wi-Cat.RU:DD-WRT/WEB Server

From WikiDevi.Wi-Cat.RU
Jump to navigation Jump to search
Source

Source

WEB Server @ dd-wrt

DD-WRT runs a small httpd server used for configuring the router. This guide will show how to use it to serve you own pages to your LAN or to the world. Please remember that opening WEB server to the world could be potential security problem.

WEB server with v24-preSP2

Under v24-preSP2 it is possible to serve static HTML pages using the existing web server by symlinking them into the www/user directory.

Assumptions

- You have telnet and SSH enabled on your router. See Telnet/SSH and the Command Line.
- You can send files via SSH to and from your desktop (e.g with WinSCP)
- You have jffs enabled and enough free space to store your files or you have working mmc mod.
- I will assume you are installing to the jffs partition. If you are not, replace jffs with mmc or some other folder
- You have the "Enable Info Site" enabled (Administration -> Management -> WEB Access)
- You MUST name your index file index.htm (note: all lower case letters)

Procedure

Create static pages under /jffs or under some other persistent partition you have configured. Symlink your www-root to /www/user. For example:

mkdir /jffs/www
echo "test page" > /jffs/www/test.htm
ln -sf /jffs/www /www/user

Arrange to create the symbolic link on startup, then pages from jffs/www can be served up as http://router.address/user/test.htm.

Pros

- Simplest to set up.
- Saves both the complexities and the memory usage of running two HTTP servers.

Cons

- No support for cgi-bin.
- Your info site & DD-WRT management page will be available on the same http server, so choose a strong password.
- You can't get link to your site included in admin pages.

For DD-WRT V24 pre SP2 (svn 12533+) CGI support has been disabled as a fix for an exploit. See this ticket if you would like support reintroduced.

Separate httpd-server for your site

For the best result it is better to use separate httpd-server for your site. There are several possibilities: install vlighttpd e.g. with Optware, The Right Way or install Optware-ByHand and after that busybox (for simple httpd) or lighttpd.

Assumptions

- You have telnet and SSH enabled on your router. See Telnet/SSH and the Command Line.
- You can install additional httpd-server to your router.
- You can send files via SSH to and from your desktop (e.g with WinSCP)
- You have jffs enabled and enough free space to store your files or you have some other persistent partition e.g. mmc mod or usb drive.

Procedure

1) Install additional www-server of your choice e.g. busybox httpd, lighttpd or vlighttpd from optware
2) Move default httpd away from port 80. Easiest is just to disable web administration via http, https uses port 443. Other option is to set the http_lanport nvram variable in the nvram:

nvram set http_lanport=81
nvram commit
reboot

Note: Even if you plan to use secondary IP for your own site, you need to move the built-in httpd away from the port 80, as it listens it's port on all IP:s.

3) Optional: open to the world

Caution! The following steps could make the router's management pages accessible from the WAN (for example http://Your.WAN.IP/Management.asp). The password should be required however, so make sure it is strong.

  • Open web admin Administration -> Diagnostics, press "Run"
  • Enter this line to the Commands field:
/usr/sbin/iptables -I INPUT 1 -p tcp --dport 80 -j logaccept
  • Press "Save Firewall", the router will reboot or reboot it manually.
  • How to cancel this?

Telnet to the router and type:

nvram set rc_firewall=""
nvram commit
reboot

Pros

- You have full control of your site. You can run cgi, php etc.

Cons

- Complex to set up
- Requires more memory and processing power from your router

Change SSL cert for HTTPS certificates

See forum topics Change SSL cert for HTTPS certificates and Adding user created ssl certificates.