Bind Lighttpd to a specific interface

I’m trying to change the bind interface option of lighttpd because I don’t want it to listen on all interfaces.
According to the documentation, you only have to uncomment and change the next line in the /etc/lighttpd/lighttpd.conf file:

#server.bind = "localhost"

But it doesn’t work and lighttpd doesn’t start anymore.

Any idea of the problem??

No, but at a quick glance I’d think that using localhost there would make reForis unreachable from any other machine. (You surely don’t access it from the router’s localhost.)

Hello, try to change the port number as well, so say something like:

server.port                 = 8080
server.bind                 = "192.168.100.1"

then verify it with: ss -tunalp | grep lighttpd

Also check out the files in /etc/lighttpd/conf.d, since there are several other configs. Definitely check those two:

  • /etc/lighttpd/conf.d/90-turris-root.conf
  • /etc/lighttpd/conf.d/40-ssl-enable.conf

The first one has some documentation at the beginning and it says:

# These settings augment OpenWrt (upstream) lighttpd default config
# to support Turris webapps.

# This is part of turris-webapps package and is not meant to be edited.
# If you need different setup, uninstall this package and create your own config

So I believe that is the reason why it still listens to all possible addresses.
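
An added example, not part of any post in this thread: a POSIX shell check that goes one step past the `ss ... | grep lighttpd` verification above by reporting only the listeners still bound to a wildcard address, IPv4 or IPv6. The function names and the sample `ss` output are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `ss -tlnp` output (not captured from a real router).
sample_ss_output() {
cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      1024   0.0.0.0:80          0.0.0.0:*         users:(("lighttpd",pid=2311,fd=4))
LISTEN 0      1024   [::]:443            [::]:*            users:(("lighttpd",pid=2311,fd=6))
LISTEN 0      1024   192.168.100.1:8080  0.0.0.0:*         users:(("lighttpd",pid=2311,fd=7))
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("dropbear",pid=1200,fd=3))
EOF
}

# Read ss output on stdin; print "address port" for each LISTEN socket owned
# by process $1 (default lighttpd) that is bound to a wildcard address.
wildcard_listeners() {
    awk -v proc="${1:-lighttpd}" '
    {
        # Locate the State column: it is field 1 with -t, field 2 when -u adds Netid.
        for (i = 1; i <= NF; i++) if ($i == "LISTEN") break
        if (i > NF || !index($0, "((\"" proc "\"")) next
        laddr = $(i + 3)                      # Local Address:Port
        port = laddr; sub(/.*:/, "", port)    # text after the last colon
        addr = substr(laddr, 1, length(laddr) - length(port) - 1)
        if (addr == "0.0.0.0" || addr == "*" || addr == "[::]" || addr == "::")
            print addr, port
    }'
}

# Exit status 0 when process $1 has no wildcard listeners, 1 otherwise.
check_bind() {
    found=$(wildcard_listeners "$1")
    [ -z "$found" ] && return 0
    echo "wildcard listeners for ${1:-lighttpd}:" >&2
    echo "$found" >&2
    return 1
}

# Demo on the constructed sample; on a router: ss -tlnp | check_bind lighttpd
sample_ss_output | wildcard_listeners lighttpd
```

`ss` only fills in the process column for sockets the caller may inspect, so run it as root when checking another user's daemon.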

I commented in "turris-auth+lighttpd: make sure that turris webapps are not accessible in case turris-auth is not running (#866)" (Issues · Turris / Turris OS / Turris OS packages · GitLab), suggesting how to bind lighttpd to the local LAN ipaddr.

@dawydh after making a config change to lighttpd, you should run lighttpd -f /etc/lighttpd/lighttpd.conf -tt to test the config. You can run lighttpd -f /etc/lighttpd/lighttpd.conf -p to print the config, including all lighttpd.conf include files.

Well you can try this.

https://wiki.turris.cz/doc/en/public/lighttpd

It will not serve on any interface at all and will be accessible only from the router itself. When you want to access it, you will do so via SSH port forwarding.