Restrict access to YAMon reports page


I am running OpenWRT on x86 and it works fine. But I lack good traffic data utility so I installed YAMon. It works fine but IMHO lacks in "safety"...everyone is able to see the reports from my LAN network for example.

But what really irks me is the fact that my "isolated" guest WiFi clients (running on 192.168.3.x subnet) are able to access YAMon report web page on They are unable to ping or surf to LuCi on (which is routers LAN adress) but it seems that YAMon web server somehow circumvents this and is visible from 192.168.3.x subnet?

It is not able to find "router.js" so traffic data is not visible but it is accepting HTTP traffic and that is a security risk in itself. Is there a way to prevent this or should I just remove YAMon and try to find another traffic tool?

Edit: report page was not visible from Guest subnet after was just cached in browser and appeared to work. Sorry.


It seems that I was a bit too quick to condemn it. My browser seems to have cached YAMon page on so it "appeared" to work from Guest WiFi :smiley:

So it is isolated...but I still wonder whether it is possible to restrict access to statistics/reports page on by password (same as LuCi config, for example)