Generally, remote http access from fhem to the router works. I considered the token and username/password. I was able to read e.g. the uptime remotely using fhem httpmod remotely (as described in https://forum.fhem.de/index.php?topic=77005.msg863226#msg863226)
right, thanks for the hint to use https. After upgrading my router I forgot to enable luci-ssl. I now enabled https again.
But how can I identify the correct URLs to enable/disable wifi? I couldn'f find anything about http methods to control wifi in the references you provided.
It seems that it used to be possible to disable wifi using "cgi-bin/luci/admin/network/wireless_shutdown/radio0.network1". Maybe the URL changed in a newer openwrt version?
There are no directly callable URLs for that available anymore. I suggest to install luci-app-commands, then declare two commands: 1) /sbin/wifi down to shutdown the radio and /sbin/wifi up to start it up again. You can then use the public invocation URLs to trigger the associated actions.
So that you don't have your root password sitting in a file somewhere, I'd suggest two ssh keys, one bound to the "up" command, another bound to the "down" command. That way when your home-automation system is compromised, all that can be done is to enable/disable wireless, not every command on your router.
One reference (of many) on how to do this is
I would suggest no arguments; one key does "up", a different key does "down"
Thanks, using ssh keys is also an option and I understand the advantage security-wise, but I'd rather prefer http for the following reason: When I use ssh keys, I need to enter the passphrase at least when the fhem server has to reboot (e.g. after power outage). That means when I'm not at home and the server reboots e.g. after power outage, Wifi is not working. Or is there a solution to this problem?