OpenWRT 보안 강화하기

Recommended security settings

The following settings are highly recommended to complete before connecting to the Internet。

  • Set a secure password
  • Only allow access to ssh from lan, change the port
  • Only allow local devices to access luci

Edit /etc/config/uhttpd,Change the original 0.0.0.0 and [::] addresses to the local lan address, for example:

	# HTTP listen addresses, multiple allowed
	list listen_http	192.168.2.1:80
	list listen_http	[fd00:ab:cd::1]:80
 
	# HTTPS listen addresses, multiple allowed
	list listen_https	192.168.2.1:443
	list listen_https	[fd00:ab:cd::1]:443

Restart the service:

/etc/init.d/uhttpd restart