Lighttpd

Hello,

Goal
I own a bifferboard (small i486 embedded device with 8 MB Flash memory) on which I run several services. The distribution I use is OpenWRT on which we use precompiled packages. I run lighttpd 1.4.26 (I know it's buggy) on it, to host a static small static. Since I use this device for torrents also, I installed transmission-web.

Path & problems
Since I'm was going to login via internet to my Transmission server, I wanted to use auth + ssl. Transmission has it's own build in httpd server with an rpc-auth support implemented. The configuration is straight forward so, I used the following options: 127.0.0.1:8080. Now transmision-rpc accepts connections on localhost:8080 only.

Then I created a personal SSL.pem. Then I redirected all connections on port 80 to port 443 using mod_redirect. Then I setup mod proxy to forward '/transmission/web/' => 127.0.0.1:8080.

With the above approach I encountered two different issues:

1) Transmission to prevent CSFR attacks, did not load the page. That's a screenshot: http://emberapp.com/atma/images/httpskarida-ath-cxtr/ . This problem is discussed on the transmission forum but a solution is provided for apache2 only: https://forum.transmissionbt.com/viewtopic.php?f=8&t=8393
The main idea however is that we need mod_simple_vhost and mod_rewrite to make Transmission work smoothly. Other approaches are more like ugly hacks.

2) After a couple of config changes I noticed that (without SSL) mod_proxy stopped working properly with Transmission. When I try to login to transmission-web via mod_proxy, transmission webpage says that "cannot connect to server", while when I connect directly it connects normally (I can see torrents/stats/etc).

Any ideas?

That's my current configuration:
-------------------------

server.modules = (
"mod_accesslog",

1. "mod_rewrite",
2. "mod_simple_vhost",
   "mod_redirect",
   "mod_proxy",
   "mod_access",
   )

server.document-root = "/mnt/usb/www/"
server.errorlog = "/mnt/usb/var/log/lighttpd/error.log"
accesslog.filename = "/mnt/usb/var/log/lighttpd/access.log"

server.network-backend = "write"
server.tag = "lighttpd 1.4.26 on bifferboard! - connections are logged!"
server.pid-file = "/mnt/usb/var/run/lighttpd.pid"
server.dir-listing = "enable"
server.upload-dirs = ( "/mnt/usb/tmp" )
index-file.names = ( "index.html", "default.html", "index.htm", "default.htm" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

#$HTTP["url"] =~ "^/transmission/web/" { proxy.server = ( "" => ( ( "host" => "127.0.0.1", "port" => 8080 ) ) ) }

#$SERVER["socket"] == ":443" {

1. ssl.engine = "enable"
2. ssl.pemfile = "/mnt/usb/etc/lighttpd/certs/lighttpd.pem"
   #}

#$SERVER["socket"] == ":80" {

1. $HTTP["host"] =~ "(.*)" {
2. url.redirect = ( "^/(.*)" => "https://%1/$1" )
3. }
   #}

mimetype.assign = (
".pdf" => "application/pdf",
".class" => "application/octet-stream",
".pac" => "application/x-ns-proxy-autoconfig",
".swf" => "application/x-shockwave-flash",
".wav" => "audio/x-wav",
".gif" => "image/gif",
".jpg" => "image/jpeg",
".jpeg" => "image/jpeg",
".png" => "image/png",
".css" => "text/css",
".html" => "text/html",
".htm" => "text/html",
".js" => "text/javascript",
".txt" => "text/plain",
".dtd" => "text/xml",
".xml" => "text/xml"
)

$HTTP["url"] =~ "\.pdf$" {
server.range-requests = "disable"
}

1. $HTTP["host"] =~ "karida.ath.cx$" {
2. server.document-root = "/mnt/usb/www/karida.ath.cx"
3. ulr.rewrite = (
4. "^([a-zA-Z0-9]+)\.ath\.cx(\?(.*))*$" =>
5. "karida.ath.cx/tr/$1/$2"
6. )
7. server.errorlog = "/mnt/usb/var/log/lighttpd/error.log"
8. accesslog.filename = "/mnt/usb/var/log/lighttpd/access.log"
9. #server.error-handler-404 = "/e404.php"
10. }
    -------------------------------------------------
    NOTE: The parts that are commented out are configurations that I've tried and partially work. However all together they don't deliver the wanted result :-(

Regards