Hello, I have the GL.iNet GL-E750 (Mudi) and it's running an OpenWRT firmware. OpenWRT packages can be installed from within the GL.iNet UI, and access to LuCI interface can be enabled also.
By default, this router does not have encrypted local traffic, so I'd like to fix that. With other routers, I can install Luci-ssl and have my local connections to LuCI encrypted, but that does not work with this router.
Can anyone here suggest packages to use for this, or provide tips on hardening the GL-E750? Thanks.
https://openwrt.org/docs/guide-user/security/openwrt_security
Having uhttpd listening to insecure interfaces is a bad idea in general. Uhttpd is lightweight and not optimized to withstand an attack. That's why it is by default not allowed on the wan firewall zone.
I am currently connected to the router through it's ethernet interface. Considering my traffic is local, and there are no other devices connected, is using uhttpd to login to LuCI not so bad? Thanks for you response.
I have another general question about this router, and it might be worth creating another topic for it. But maybe not.
It's a relatively new router. At what point does the OpenWRT community decide to develop code for a particular router? For example, this router's default firmware is a fork (may or may not be the proper term) of OpenWRT 18.06. At what point will a branch of OpenWRT 19.07.2 be written for this device, if ever? And how does one determine if that is a work in progress?
Of course not, but since you mentioned encrypted traffic, I assumed that you'd want to connect to it over an insecure connection, like from the internet.
After your explanation there doesn't seem to be a strong reason to encrypt the traffic.
Regarding your other question, some developer will need to get his hands on this device and create the firmware of vanilla OpenWrt. Or the vendor should give the sources, since it is based on OpenWrt, without any proprietary parts.
The pre-installed version of OpenWRT for my device also comes pre-installed on one of their other device models. That other device model is supported here on the site, and its device page has links for the newer versions of OpenWRT.
Provided this info, is it safe to use this other device model's firmware links for my new device?