[mythtv-users] safely exposing mythweb to the net.

Brad Benson bbenso1 at gmail.com
Fri Sep 2 13:51:08 UTC 2005


And it also requires that you access mythweb via port 5080 which may or may 
not be an option for some people depending on where they plan to be 
connecting to mythweb from (i.e. behind a firewall at work that only allows 
port 80 outbound). Using apache as a proxy allows you to still access 
mythweb on the standard port 80 which should pretty much always be 
accessible.

On 9/2/05, Brady <liquidgecka at gmail.com> wrote:
> 
> Wow! Everybody loves complicated solutions!
> 
> Try this one out:
> 
> As root run this command on the firewall,
> 
> iptables -A PREROUTING -t nat -p tcp -i <inf> --dport 5080 -j DNAT
> --to <ip address:port>
> 
> Replacing <inf> with the interface, like eth0 or eth1, of the Internet
> card, and ipaddress:port with the ip address and port of the mythweb
> server.
> 
> Then to get really secure you can setup a .htpassword and .htoptions
> file in the mythweb's /var/www/html directory in order to require a
> password to use mythweb. This helps prevent random modification of
> your settings.
> 
> I use this extensively and it works great =)
> 
> It also requires much, much less overhead than running apache as a proxy.
> 
> 
> 
> 
> 
> On 9/1/05, Brett Grice <badluck_boy at yahoo.com.au> wrote:
> > I would also seriously consider using something like
> > mod_security with apache you can find it here
> > http://www.modsecurity.org.
> >
> > Also lots of info on locking down apache correctly.
> >
> > just my 2 cents worth
> >
> > Brett.
> >
> >
> > --- Marty Ravell <mythtv at rave-tech.com.au> wrote:
> >
> > > This maybe a little O.T. but I'd like to open up
> > > MythWeb to the net as well.
> > > The issue for me however is that my Myth box sits
> > > inside my Home LAN with
> > > another Linux box being my Firewall. Now I do run my
> > > personal website on the
> > > firewall and am wondering how to go about letting
> > > Myth through when there is
> > > already a webserver on the machine that is the
> > > gateway to the internet.
> > >
> > >
> > >
> > > Would it be possible perhaps to use the firewall's
> > > Apache to talk to the
> > > Myth box for MythWeb? Does the MythWeb web server
> > > need to be on the same
> > > machine as the MythTV installation?
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > Regards
> > >
> > > Marty
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > > _______________________________________________
> > > mythtv-users mailing list
> > > mythtv-users at mythtv.org
> > >
> > http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
> > >
> >
> >
> > Send instant messages to your online friends 
> http://au.messenger.yahoo.com
> > _______________________________________________
> > mythtv-users mailing list
> > mythtv-users at mythtv.org
> > http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
> >
> _______________________________________________
> mythtv-users mailing list
> mythtv-users at mythtv.org
> http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mythtv.org/pipermail/mythtv-users/attachments/20050902/79f57e34/attachment.htm


More information about the mythtv-users mailing list