Web server

I have bought a 500GB Mybook and discovered with this site that now i had a Linux server at home! all the tips here have been very useful for me and now i would like to bring my little contribution:
I needed to share some photos and files with my friends via the web, so i prepared a Remote Access Web interface : WebServer+AccessBook

Objective :

  • Activate a public web server on port 8080 (http + no authentication required).
  • Activate a secure web server on port 443 (Https + authentication required).
  • No modifications to the standard Admin Web site and minimum modification to the Mybook configuration
  • manage web users via a simple web interface
  • Do not compile/install invasive tools on mybook : only copy a few files and change a few settings.(Manual install and manual uninstall must be possible)
  • Allow download of large files over https
  • Activate PHP

All these features are available for the Mybook Bluering Mybook Whitelight and Mybook Live :
Check the following site for more details : http://www.highlevelbits.fr , and select the correct Mybook Model : Mybook Whitelight, Mybook Blue Ring or Mybook Live.

The above information relates only to the Blue ring version.

Description of my Network architecture on my Internet Router ( French freebox), for the Blue Ring Version only:

tcp Port 80 (http) is redirected to port 8080 on mybook ( used for Public Web access)
tcp port 443 (https) is opened and redirected to port 443 on mybook ( used for secure web access)

Web interface for access management ( configured on port 3210) is only available from home ( port 3210 is not opened to internet on my freebox).
WebMgr.jpg
As soon as you have installed the Feature pack manager, you can install other applications by a single click on the install button…

The AccessBook Feature pack will configure the Remote Access for sharing with other users…

** The Web Feature Manager allows you to install components and features to your Mybook with a single click.**
The feature pack Manager allows you to install some feature packs that have been designed for the Mybook world .
You can install other features pack that are not included in the basic installation are available : Transmission, nzbget, "Mybook Clone to clone your Mybook to a USB disk", "OpenVpn" … check the following site : http://www.highlevelbits.fr

Each feature pack has a friendly user interface to allow configuration:
Features.JPG

Standard Mybook Web interface management (WD Shared Storage Manager) is only available from home (port 80 is not opened to internet on my freebox).

TeinturMan.

1) Web Server Installation procedure

note : the following procedure is only for blue ring version. for the Whitelight, please check http://www.highlevelbits.fr

IMPORTANT : You do'nt want to brick your Mybook Do You?
then before you start, Reboot your Mybook and ensure that your ssh access is reliable.

As long as your ssh access is reliable, the installation is safe. (All the changes can be easily rolled back).
So please, reboot before you start…

Let's start now :

First, install the feature pack manager : ( Mybook World Blue Ring only, please, check http://highlevelbits.free.fr for Mybook Whitelight or Mybook Live)
launch the following url in your internet explorer browser, by changing "MybookIP Address with your own Mybook Ip Address"
http://Mybook Ip Address/auth/firmware_upgrade.pl?fwserver=highlevelbits.fr/download/MBWE/MBWE-FPMGR
click the Upgrade Firmware button.
Wait that the installation finishes…

Note that sometimes a "Firmware upgrade failed" message is displayed. this can be ignored.

Congratulations, you have finished the installation !
Do not reboot your Mybook until you have checked that everything works fine:

Connect to https://<Mybook>:3210
use the same user and password as the one you use to connect to the Standard Western Digital interface.

click the star button,
install the Web Server Feature PAck by clicking the WebServer+AccessBook install button.

Now, you can Configure users that will have access to your secure Web site.
go to the Web Server / Manage Users menu

change password for admin user.

Access the web page using http://<MyBook>:8080/
you should see "Hello World"

Connect to https://<Mybook> to access your secure web site (Use your newly created users to log in)
you should be connected to AccessBook.

2) Installing PHP Support

shogyn:

Please note that PHP support takes a lot of memory (and I only have 32 MB on my bluering). PHP support is not needed for Web server + Accessbook. As far as I understand this feature is only if you want to create and host your own PHP pages. If you still want to install the PHP package just in case you can choose to not enable PHP support for any pages and no memory is consumed.

Connect to https://<Mybook>:3210
Click on the "Php_Support" Link
Click on the Install link for all proposed components in the displayed order…

The php install can take 5 mins or so to complete.

Once it completes the page will open on a log of the changes made and at the end of this log will be

List of Available Web Sites :
/shares/internal/PUBLIC/WWW/Public ( port:8080 ) (Php Enabled : False)(Enable)
/shares/internal/PUBLIC/WWW/Welcome ( port:443 ) (Php Enabled : False)(Enable)
/shares/internal/PUBLIC/WWW/Admin ( port:3210 ) (Php Enabled : False)(Enable)

Click Enable on the Public and Welcome web sited to turn on PHP on these and then test the php as describe below.

Test the installation :
Create sample php files :
/shares/internal/PUBLIC/WWW/Welcome/index.php
and
/shares/internal/PUBLIC/WWW/Public/index.php

Containing the following line:

<?php phpinfo(); ?>

Browse to https://<MyBook-IP>/index.php : You should see all the information about the PHP installation.
Browse to http://<MyBook-IP>:8080/index.php : You should see all the information about the PHP installation.

4) Additional Ressources and Features of the webserver

- The Feature Packs main page : http://mybookworld.wikidot.com/featurepacks

- AccessBook : Remote access your files and share with your friends via Web + Lots More…
Use the Feature Manager to Activate AccessBook.

- Monitoring Your Temperature, Memory and CPU:
http://mybookworld.wikidot.com/mycheck-temp-mem-cpu-monitoring

- Turn Off your Mybook Leds?
http://mybookworld.wikidot.com/leds

TroubleShooting and feedback from other users

Be carefull, this tutorial will change the configuration of your Lighttpd web server.
Loosing the lighttpd web server AND the SSH access will definitively prevent you from accessing your mybook.

Before you do any modification, please reboot your Mybook and check that you can logon through ssh.

Perform the tutorial at once and do not do any other modification or reboot your Mybook until the standard Webif administration web site is working.

If you have a problem and you do not know what is happening, restore immediately the original configuration, restore the lighttpd.conf file using the following command:

cp /etc/lighttpd/lighttpd.conf.bak  /etc/lighttpd/lighttpd.conf

If you have any questions please ask TeinturMan.

Uninstall the WebServer, to revert to standard configuration?

restore the lighttpd.conf file :

wget http://mybookworld.wikidot.com/local--files/web-server/lighttpd.conf.ori -O /etc/lighttpd/lighttpd.conf

then delete the /shares/internal/WWW folder…

Note that this will prevent any other hack using PHP or the Webserver to continue functionning…
Also note that this does not uninstall ipkg packages that may have been installed.

Check OPTWARE to see how to uninstall ipkg packages.

Frequently Asked Questions

  • Question 1: (from erite)

hello,

Thanks for your very detailed instructions about setting up a web server.
I've followed them and it work well. But just on problem to do with the certificate server
When I bring up the link (https://<Mybook>) I get the severe warning message that the certificate server is not trusted nor recognised.

Can you tell me how to fix that?

  • Answer 1:

Hello, This is the normal https behaviour : The certificate works correctly and all your traffic will be encrypted.
The message is a security warning from Microsoft saying that the certificate name does not fit your specific Mybook Name and
it has not been authenticated by a security company like VERISIGN.

You can ignore this popup by clicking "Yes continue, i trust this site"…( or something like that)…
In XP the message is less Alarming than in Vista where the message is very frightening…
Note that when you see this popup, you have the option to install the certificate on your computer… ,
if you do so, the popup will no longer be displayed on your computer…
but the popup will still be displayed if you connect from another computer…

Certificates ( pem file) must have 3 characteristics if you do not want this message :
- it must not have expired ( all certificate has an expiration date)
- it must have been generated with the url of your Mybook ( it is not the case of the provided pem file)
- it must be authenticated by a security company ( You will have to pay yearly for that ! ) and it is quite expensive…

==> without paying a "Official , Authenticated certificate", you cannot remove this security popup.

You can generate a new certificate if you want , following the following instructions :

1) install openssl package using optware ( on my mybook, it has been installed automatically when i have installed php support)
2) Launch the following command :

mkdir /usr/lib/ssl
cp /opt/share/openssl/openssl.cnf /usr/lib/ssl/openssl.cnf
cd /shares/internal/PUBLIC/WWW
/opt/bin/openssl req -new -x509 -keyout /shares/internal/PUBLIC/WWW/MyPrivateKey.pm -out /shares/internal/PUBLIC/WWW/MynewCertificate.pem -days 365 -nodes

it will ask several questions like country etc, ensure you enter the corresponding url of your Mybook.

Note that the generated MyNewCertificate.pem certificate will not be authenticated by any Security company
( you will have to pay for that), so the popup will still appear, but with only 1/3 security problem instead of 2/3 security problem…

  • Question 2 ( from eppie)

Hello, I'm having trouble accessing my http://<Mybook>:8080 on FireFox. FireFox keeps trying to download a file 'which is a: application/octet-stream'
But when I use Explorer it works fine… any ideas?

  • Answer 2

If you have updated ( ido'nt know how) the lighttpd version, this can occur.
in this case, edit the lighttpd.conf fileand search the following lines :

mimetype.assign = (
".html" => "text/html",
".txt" => "text/plain",
".jpg" => "image/jpeg",
".png" => "image/png",
".gif" => "image/gif",
".css" => "text/css"
)
add inside the following line:
".htm" => "text/html",

if you need to enable opening of a different extension, just check on the following web page which is the correct line that you should Add…
http://trac.lighttpd.net/trac/wiki/mimetype.assignDetails

  • Question 3 (from cbanc)

How could I set the "Public" website as the default website when I access http://<MyBook> and set the MBWE "Shared Storage Manager" site on http://<MyBook>:8080 instead?

  • Answer 3 (please anyone could provide…)

I have tried changig the following lines in /etc/lighhtpd/lighttpd.conf:

server.port = 80

to:
server.port = 8080

and:

$SERVER["socket"] == ":8080" {

to:
$SERVER["socket"] == ":80" {

and it works without a problem.

— Regards, Dejan

  • Enjoy your Mybook and Web Server…

If you have any questions please ask TeinturMan.

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License