Secure web access via ssl of your mldonkey client

From MLDonkey
Jump to: navigation, search

Using Apache

If you would like to access the web interface using a secure SSL connection, there is an easy procedure if you already have an SSL Apache web server operating. The following instructions are for Apache 2.0.50 You should include the following lines in your SSL apache config file:

<~VirtualHost myhostname:443>

   ~RewriteEngine on
   ~RewriteRule /mldonkey/(.*) ~http://admin@myhostname:4080/$1 ~[[P,L]]
   ~RewriteRule /mldonkey/(submit.*) ~http://admin@myhostname:4080/$1 ~[[P,L]]
   ~RewriteRule /mldonkey/(files.*) ~http://admin@myhostname:4080/$1 ~[[P,L]]

   ~ProxyPassReverse /mldonkey/(.*) ~http://myhostname:4080/$1

<Location /mldonkey/>
   Order allow,deny
   Allow from all
    ~AuthType Basic
    ~AuthName \"MLDonkey\"
    ~AuthUserFile /etc/apache2/keys.dat
    Require valid-user

Alternatively, if you already have an authenticated realm within your SSL virtual host you can just add the following to SSL.conf:
_(don't forget to replace ports and names to suit your configuration and layout!!)_

<~VirtualHost myhostname:443>

   ~RewriteEngine on
#Allows users to type just ~http://yourserver/mldonkey
   ~RewriteRule ~^/mldonkey$ ~/mldonkey/ ~[[R,L]]
#Simplification of the above method
   ~ProxyPass ~/mldonkey/ ~http://myhostname:4080/
   ~ProxyPassReverse ~/mldonkey/ ~http://myhostname:4080/

<Location ~/mldonkey/>
   Order allow,deny
   Allow from all
    ~AuthType Basic
#Make this the same realm as the one of your server so that users need not log in twice (of course you must also
#use the same ~AuthUserFile).
    ~AuthName \"~YourRealm\"
    ~AuthUserFile /etc/apache2/keys.dat
    Require valid-user
#This is the tricky bit, without which the authentication header for your server would be passed
#to the mldonkey core, resulting in somewhat confusing authentication errors.
    ~RequestHeader unset Authorization

Beware that for the ~RequestHeader directive to work, mod_headers must be built (either statically or as a DSO) and Apache 2.0 or greater is required!

Using Nginx

Nginx is a lightweight alternative to Apache.

In brief:

- create a nginx ssl server
- create a reverse proxy definition:
        location /mlnet/ {
            auth_basic off; #mldonkey does its own basic auth

Thats basically it! As noted, mldonkey needs to do its own authentification.

See also


Personal tools