Access UI remotely

Jagermeister · March 28, 2012, 5:39pm

Hi,

Is it possible to access the web User Interface remotely? I mean, outside your home network.

I can access the SSH, FTP, Twonky interface, etc… but I didn’t manage to access the configuration UI yet.

Thanks!

TonyPh12345 · March 28, 2012, 7:18pm

It is possible, but without careful (and perhaps risky) re-configuration of the apache security polciies, you won’t be allowed to do anything other than see an “Access Denied” response.

Jagermeister · April 2, 2012, 11:36am

Hi,

Do you know which files would I have to edit? I know that in an Apache server the configuration of “Allowed IPs” is usually site-wide, but I’m not sure in which folder is the default page of this apache server.

In /etc/apache2/sites-available/ I have 4: default, default-ssl, wdnas, wdnas-ssl

In /var/www/UI/, which I guess it’s the website shown, the .htaccess file doesn’t have anything but the SSL redirection module settings.

Myron · April 4, 2012, 12:52am

I’m also guessing W.D. denies access to the Web UI from outside the local sub-net because there may be bugs with the Web UI that could allow a hacker full access to all the files and folders on the MyBook Live. So the lazy way out is to only allow access within the local sub-net.

Do keep this in mind.

Jagermeister · April 4, 2012, 8:46am

@Myron

Yes, I guess there could be security issues with this, but also accessing through FTP can’t be very safe.

I wanted to access the UI remotely because I keep my MBL on a different location (my parents’ place, in another country actually) as a ‘safe’ backup. In case someone breaks into my apartment, there’s a fire, etc… it feels safe to know there’s a remote storage device somewhere else.

So, I can access twonky, SSH, FTP, WebDav remotely… but not the UI. If I need to change something I need to call and describe the procedure, and it’s quite annoying.

Knapster · April 4, 2012, 8:16pm

I think it should work if you install OpenVPN on your MBL and make a connection with this.

SamuraiJack · April 6, 2012, 11:49am

I have the same problem of not being able to access UI remotely. I have a static IP and have set-up port forwarding on the router. Within my own network, I can type in the url with the proper port and get the UI access. The moment I am outside this network, it says access denied.

Chaos311 · April 6, 2012, 2:50pm

I don’t know how to fix it, but I do know that the MBL denies UI access from external networks for security. There was a string on this about 2 months ago. I don’t know how it ended up, but if you could find it there might be a solution there.

Myron · April 8, 2012, 9:25pm

File is: /etc/apache2/sites-available/wdnas

Line 50:

# comment this line if remote WebUI access is needed (WAN access)
    Include /tmp/allow.conf

Have fun.

Do this at your own risk!

I do not know what security vulnarabilities exists within CakePHP so as soon as you make the UI available to the WAN then you may find out that your MyBook Live is not your own but someone else’s.

The security issues can be softened if, say, you configure our router to be remotly accressd and enable/disable the port forwarding rule to the MyBoo Live’s web UI (TCP poty 80) as required. I did this.

It’s possible to allow the WebUI to operate over an SSL link (on port 443) but I’m leaving that alone. For some reason there is a specific entry in there which denies access to the entire web UI over SSL and I don’t know why W.D. is not allowing the UI to be accessed using SSL (https).

You may need to re-start the Apache2 web server or re-start the MyBook Live.

Chenzira · June 15, 2012, 3:24am

I am having the same problem with not being able to access the dashboard UI from outside my home network. I need to access the UI when there is no computer connected to my network as I travel with my laptop and need access to modify the users and shares at any time from anywhere (so hard coding a specific IP Address into the apache files is out). I have a MacBook Pro with an Apple Time Capsule connected to my modem. I have DHCP Reserved an IP Address for my MBL in the Time Capsule. I have also port forwarded ports 80 and 443. When I use the browser with URL http://ExternalIPAddress:80 I get forwarded to http://ExternalIPAddress/UI with a 403 Error.

Forbidden

You don’t have permission to access /UI on this server.

The same thing happens when I use URL https://ExternalIPAddress:443.

What can I do to get around this? I have SSH enabled and have tried to modify the files according to the suggestions in this community here and none of them get me any farther. As a matter a fact I have bricked my local access to the dashboard every time I made a change. I then used SSH to push the firmware back onto the MBL and got access back (thank you for the threads here for that fix!). I am not a programmer but I can navigate my way around some.

I need the coding spelled out for what to do and where. I use the Mac OS X native Terminal application as my SSH Client and I use Nano as my text editer.

I have been all over the net trying to get this to work for two weeks and I am running out of time. Any help greatly appreciated.