By: erichabg Is it possible to protect the access via owhttpd with a password? -------------------------------------------------- By: alfille
I've been pondering this question. There are several solutions: 1. Readonly. If you only want to prevent users from changing read states and temperature limits, you can start the owhttpd process with the readonly parameter. You still allow the data to be seen, and a malicious user could saturate your system with queries. 2. Limit the tcp address. Typically, owhttpd is started with only a port specification (e.g. -p 4304). This is effectively -p *.*.*.*:4304 . You can specify a more limited audience, which can be particularly useful with some of the techniques discussed below. We do no verification, so your network setup would have to ensure the validity of the claimed addresses of clients. (spoofing). 3. Modify owhttpd. It's pretty simple code. A stateless http server process. All the relevant code is in modules/owhttpd/src/c/owhttpd_handler.c Not for the faint-of-heart. 4. Use a wrapper. Constrain owhttpd to localhost, and either use ssh or maybe a squid proxy or apache redirection. 5. Write a CGI program for a web server with the security you want, and use perl or PHP or whatever to get the data. Even wget to a local owhttpd to get HTML code.
------------------------------------------------------------------------------
_______________________________________________ Owfs-developers mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/owfs-developers
