openwrt如何简单隐藏Web页面
- 路由器刷入openwrt并且启用了Web页面(一般是Luci),将路由任一LAN口与电脑连接(IP自动获取),一般只需要浏览器输入LAN口的IP地址后就可以访问路由器的Web页面,如浏览器打开后直接输入:192.168.1.1
- 浏览器http默认为80端口,故实际访问为:http://192.168.1.1:80/
- 如果修改了openwrt默认的http监听端口号80,那么就不能直接输入:192.168.1.1来访问Web页面,如将默认监听端口修改为8080,则需要输入IP的同时制定端口号才能正确访问openwrt的Web页面,如:http://192.168.1.1:8080/;
- 这样修改了默认监听端口号后,就可以一定程度的隐藏web端,不让普通用户访问(当然还可设置web访问密码);需要修改配置的时候管理员依然可以使用Web页面去配置路由。
80端口是为HTTP(HyperText Transport Protocol)即超文本传输协议开放的,此为上网冲浪使用次数最多的协议,主要用于WWW(World Wide Web)即万维网传输信息的协议。
可以通过HTTP地址(即常说的“网址”)加“: 80”来访问网站,因为浏览网页服务默认的端口号都是80,因此只需输入网址即可,不用输入“: 80”了。
Openwrt 修改Web页面默认访问端口大致步骤如下:
- 使用串口或者SSH登录openwrt后台;
- openwrt 中默认使用的web服务器是uhttpd,
- 进入配置文件路径:cd etc/config/
- 使用vim编辑器修改uhttpd文件 vi uhttpd
使用串口连接电脑后进入openwrt
BusyBox v1.28.3 () built-in shell (ash)
_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
OpenWrt 18.06-SNAPSHOT, r7201-4f3082583a
-----------------------------------------------------
root@OpenWrt:/#
vim编辑器打开uhttpd 文件
# Server configuration
config uhttpd main
# HTTP listen addresses, multiple allowed
list listen_http 0.0.0.0:80
list listen_http [::]:80
# HTTPS listen addresses, multiple allowed
list listen_https 0.0.0.0:443
list listen_https [::]:443
# Redirect HTTP requests to HTTPS if possible
option redirect_https 1
# Server document root
option home /www
# Reject requests from RFC1918 IP addresses
# directed to the servers public IP(s).
# This is a DNS rebinding countermeasure.
option rfc1918_filter 1
# Maximum number of concurrent requests.
# If this number is exceeded, further requests are
# queued until the number of running requests drops
# below the limit again.
option max_requests 3
# Maximum number of concurrent connections.
# If this number is exceeded, further TCP connection
# attempts are queued until the number of active
# connections drops below the limit again.
option max_connections 100
# Certificate and private key for HTTPS.
# If no listen_https addresses are given,
# the key options are ignored.
option cert /etc/uhttpd.crt
option key /etc/uhttpd.key
# CGI url prefix, will be searched in docroot.
# Default is /cgi-bin
option cgi_prefix /cgi-bin
# List of extension->interpreter mappings.
# Files with an associated interpreter can
# be called outside of the CGI prefix and do
# not need to be executable.
-
修改完成后保存(:wq) - 重启uhttpd(或重启路由器)root@OpenWrt:/# etc/init.d/uhttpd restart(# reboot)
- 使用新的端口登录web端,如:http://192.168.1.1:8080/
另外,openwrt的官网有说明,默认情况下uHTTPd绑定的端口也包含WAN口,如果要指定只包含LAN口的话可以按照下图步骤设置。
By default, uHTTPd is bind to
0.0.0.0
which also includes the WAN port of your router. To bind uHTTPd to the LAN port only you have to change thelisten_http
andlisten_https
options to your LAN IP address.To get your current LAN IP address run this command:
# uci get network.lan.ipaddr 192.168.1.1
Then edit
/etc/config/uhttpd
and bindlisten_http
to specific192.168.1.1
IP instead of0.0.0.0
and comment out IPv6 bindings:config uhttpd main # HTTP listen addresses, multiple allowed list listen_http 192.168.1.1:80 # list listen_http [::]:80 # HTTPS listen addresses, multiple allowed list listen_https 192.168.1.1:443 # list listen_https [::]:443