[Openwrt] Secure Your uhttpd Server

Sometimes you will need some http authentication for the uhttpd server, if it is so, we can follow the below steps to achieve.

1. Set up the uhttpd config file
   

    
   config uhttpd 'main'
           list listen_http '0.0.0.0:80' 
           list listen_http '[::]:80'
           list listen_https '0.0.0.0:443'
           list listen_https '[::]:443'
           list interpreter '.php=/usr/bin/php-cgi'
           /*Use php as interpreter, add it if you want to load php correctly*/
           option home '/www'
           /*Actual web file is placed in this folder*/
           option rfc1918_filter '1'
           option max_requests '3'
           option max_connections '100'
           option cert '/etc/uhttpd.crt'
           option key '/etc/uhttpd.key'
           option cgi_prefix '/cgi-bin'
           option script_timeout '60'
           option network_timeout '30'
           option http_keepalive '20'
           option tcp_keepalive '1'
           option ubus_prefix '/ubus'
           option listen_http '8080'
           /*listen to http 8080, you can make your own listening port*/
           option config '/etc/httpd.conf'
           /*Specify the config for username and password for http auth*/
   

   
   
2. Make a file called "httpd.conf" under /etc directory


3. Modify the file with the following, basically, the first parameter is the directory you want to protect
   /:username:password

Reference:http://wiki.openwrt.org/doc/uci/uhttpd#basic.authentication.httpd.conf