[mythtv-users] How to set up remote access to mythweb?

Craig Huff huffcslists at gmail.com
Tue Dec 9 02:18:51 UTC 2008 

On Sat, Dec 6, 2008 at 3:50 PM, Mark Greenwood <fatgerman at ntlworld.com> wrote:
> Definitely at least set a password on mythweb, and if you understand any of apache's other security options use them also. And tell me what you did because I get the urge to kill every time I try to understand it :)
>

Okay, Mark, here's what I did.  In case anything is different based on
the distro/version, I did this on FC6 using Apache 2.2.3.

I edited /etc/httpd/conf.d/mythweb.conf, which I presume was
originally created as part of the MythTV installation.  It originally
looked like:
<Directory /var/www/html/mythweb>
        Options FollowSymLinks
        AllowOverride All
</Directory>

and I made it look like this:
<Directory /var/www/html/mythweb>
        Options FollowSymLinks
        AllowOverride All
        Order deny,allow
        Deny from all
        Allow from 192.168.1.
        Allow from 127.0.0.1
        Satisfy any
        AuthType Digest
        AuthName "MythTV"
        AuthDigestDomain /mythweb/
#       AuthDigestFile /var/www/htdigest
        AuthUserFile /var/www/htdigest
        Require valid-user
</Directory>

Note that the Apache documentation made me think it should be
AuthDigestFile, but httpd failed with an error until I reset it to
AuthUserFile so YMMV.  Also, note that /etc/httpd/conf/httpd.conf
contained this line:
DocumentRoot "/var/www/html"
so I made the AuthDigestDomain directive value relative to this since
the webpages for MythWeb were set up in /var/www/html/mythweb.

Next, I ran htdigest with the command:
#htdigest -c /var/www/htdigest MythTV <internet_login_name>
where <internet_login_name> is whatever username you desire (not
necessarily related to any system userid) and defined the password
that should be supplied when accessing MythWeb from the internet.  I
could have added another login user/password pair with:
#htdigest /var/www/htdigest MythTV <second_login_name>
but what do I need more logins for?

Then I set up a temporary port redirection on my firewall/router to
redirect TCP traffic from my firewall/router's DHCP IP address on a
randomly picked high port number, like 8888, to port 80 on my
statically DHCP assigned BE's IP address and tried accessing it.
Success!  Well, it was successful after I told the router to enable
the port redirection that I had defined but not enabled, anyway. %)

The URL would be something like http://nn.nn.nn.nn:8888/mythweb where
nn.nn.nn.nn was the router's IP address assigned by the ISP's DHCP
server.

My next step is to try and see if I can get into MythWeb when I'm
*really* outside the firewall by trying from work.

HTH,
Craig.

More information about the mythtv-users mailing list