Why Firmware Version 02.02.02-020 not support web interfect on internet?

Capture.PNG

Because Western Digital, in their infinate wisdom, congigured the MyBook Lives’s web server to deny all connections from any IP that is not on your network’s local subnet and didn’t have the heart to include an option to allow the user to decide if they want that functionality or not. I think I know how to, on a temporary basis, remove this block but am a bit lazy to try.  I have had a look and spotted the following file, but because of where it is it might not be the one. If is is then the Firmware, possibly on start-up creates this file before Apache starts up and it is an include in some static configuration file.  This file I’m referring to is…

/tmp/allow.conf

<Directory /var/www/UI>
Order deny,allow
Deny from all
Allow from 192.168.
</Directory>

 So any connections from 192.168.0.0/255.255.0.0 will be allowed and denied from everywhere else.

Maybe tweaking this file appropriately (making sure you take a copy of the original) and restarting the Apache2 web server will allow access to the configuration pages from the WAN.

Also, may be CakePHP rapid application development environment that’s used used for the Web/Dashboard UI has one really massive security vulnerability, W.D. ain’t talling what it is and taking the lazy way out by enforcing the decision on the MyBook Live owner.

I would prefer to make the decision myself as what I would do is configure my router to accept connections to the MBL only from the IP address I’m at so the Web UI would not ever be available to the entire Internet but from a very clinically specific microbial part of the Internet.

You can get to the Web UI from outside using an SSH SOCKS Proxy (PuTTY will do this as well as be a terminal) but it’s just a pain to set that up and then having to configure and de-configure the browser’s SOCKS proxy settings.

Have fun.

So after that, is the MBL NAS on the same local subnet as the computer you used or on another remote subnet?