-
Can I block access to webgui via hotspot and only allow it via lan ? |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments
-
Yes, there are two ways to do this. The simplest method is to set the web server's bind address in RaspAP's System > Advanced tab to your LAN's IPv4 address. See #295 A somewhat cleaner method with a '403 Forbidden' response can be done manually with lighttpd. You could modify lighttpd's main config directly, but to keep things neater we can use RaspAP's own configuration in lighttpd's
Add the following to the end, substituting the
Save and exit the file, then give lighttpd a kick:
Clients outside of your defined network range will receive a '403' response when accessing the web UI. |
Beta Was this translation helpful? Give feedback.
-
👍 But there is one problem, I also can't access the GUI via the hostname anymore. |
Beta Was this translation helpful? Give feedback.
-
You can also restrict access by host:
...assuming zeroconf/avahi aka Bonjour has mapped the .local domain to an IP on your LAN. It's also possible to combine both host and remote IP checks. |
Beta Was this translation helpful? Give feedback.
Yes, there are two ways to do this. The simplest method is to set the web server's bind address in RaspAP's System > Advanced tab to your LAN's IPv4 address. See #295
A somewhat cleaner method with a '403 Forbidden' response can be done manually with lighttpd. You could modify lighttpd's main config directly, but to keep things neater we can use RaspAP's own configuration in lighttpd's
/conf-available
. Edit it like so:Add the following to the end, substituting the
192.168.0.0/16
private IPv4 address range (192.168.0.0 – 192.168.255.255) for your own network: