Project

General

Profile

Forums » Support »

[Solved] Using lighttpd as a proxy to gain ssl security

Added by bsod about 10 years ago

OS: dd-wrt v24
Lighty: v1.4.34ssl (pre installed)

For a while now I've been trying to learn how to use lighttpd to proxy both my transmission daemon and ftp server.

So far I have the config below, but it doesn't work when I access remotely, only locally. Remotely I get a connection refused error. I have made sure transmission is bound to only the local address to only accept connections from lighttpd but it won't work.

@debug.log-request-handling = "disable"
debug.log-request-header = "disable"
debug.log-response-header = "disable"
debug.log-condition-handling = "disable"
server.max-request-size = 65000
accesslog.filename = "/tmp/lighttpd/logs/lighttpd.access.log"
server.errorlog = "/tmp/lighttpd/logs/lighttpd.error.log"
server.breakagelog = "/tmp/lighttpd/logs/lighttpd.breakage.log"
server.dir-listing = "enable"
server.modules = (
"mod_rewrite",
"mod_setenv",
"mod_secdownload",
"mod_access",
"mod_alias",
"mod_expire",
"mod_webdav",
"mod_auth",
"mod_simple_vhost",
"mod_redirect",
"mod_fastcgi",
"mod_cgi",
"mod_compress",
"mod_accesslog",
"mod_proxy"
)

server.indexfiles = ( "index.php", "index.html", "index.htm" )

mimetype.assign = (
".png" => "image/png",
".jpg" => "image/jpeg",
".jpeg" => "image/jpeg",
".gif" => "image/gif",
".html" => "text/html",
".htm" => "text/html",
".pdf" => "application/pdf",
".swf" => "application/x-shockwave-flash",
".txt" => "text/plain",
".tar.gz" => "application/x-tgz",
".tgz" => "application/x-tgz",
".gz" => "application/x-gzip",
".css" => "text/css",
)

compress.cache-dir = "/tmp/lighttpd/cache/compress/"
compress.filetype = ("text/plain", "text/html")
fastcgi.debug = 0
fastcgi.server = (
".php" =>
( "localhost" =>
( "socket" => "/tmp/php-fcgi.sock",
"bin-path" => "/usr/bin/php-cgi",
"max-procs" => 1,
"bin-environment" =>
(
"PHP_FCGI_CHILDREN" => "2",
"PHP_FCGI_MAX_REQUESTS" => "500"
)
)
)
)

url.access-deny = ( "~", ".inc")

$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/host.pem" 

proxy.server = (
       "" => ( ( "host" => "127.0.0.1", "port" => 9091 ) )
    )
}

$HTTP["url"] =~ "^/owncloud/data/" {
url.access-deny = ("")
}

$HTTP["url"] =~ "^/owncloud($|/)" {
dir-listing.activate = "disable"
}

$HTTP["url"] =~ "^/data/" {
url.access-deny = ("")
}

auth.backend = "plain"
auth.backend.plain.userfile = "/tmp/lighttpd/lighttpd.user"
auth.backend.htpasswd.userfile = "/tmp/lighttpd/lighttpd.htpasswd"
server.bind = "0.0.0.0"
server.port = 81
server.document-root = "/jffs/www"@

Can anyone help? I tried on the dd-wrt and transmission forums with no success.


Replies (1)

RE: [Solved] Using lighttpd as a proxy to gain ssl security - Added by gstrauss about 8 years ago

Check your firewall and that trasmission is up and running and listening on port 9091.

Someone else's config:
Lighttpd CORS reverse proxy for transmission
https://gist.github.com/bathizte/80f40f27f02452f98fd6

    (1-1/1)