Hello to all,
iam new to this forum and have my first question.
How it can be done to secure the Moode Audio Player from other people in the same wifi/network?
My player runs in a office network with many other people in the same network (up to 50 mobile devices) and i do not want that anyone can controls the device outside from my department.
First networkscan lists open ports -> ngix (80 & 443) , ssh (22), mpd (6600) and airplay (5000).
SSH are protectet with a passwort (change it already). Airplay i have edit the config file from shairport and add a passwort. Works great.
Does anyone have an trick to protect the mpd server? If i edit the mpd config and insert a passwort the webgui can not open playlists and control the mpd server.
Last step, the webgui. I know basicly on apache to create virtual hosts with htpasswd file, make redirect to https and import an self signed ssl certificate (to protect the password input if anyone scans the network with wireshare) - but not on ngix (i can google it thats not the problem but i want to know if it works flawless with the gui after i protect the ngix webserver).
Other idea that i had was to protect the hole pi with iptables and mac filterlist, that only certified mac´s can interact with the pi network interface. (i know its not realy hard to spoof the mac with wireshark, but basicly it would be enough protection for me)
Setup: Raspberry 4 with Hifiberry DAC on release 6.7.1 2020-07-22
Thanks for helping.
Best regards
Patrick
and by the way: Nice work with moode 7 @ MoodeAudio Team
iam new to this forum and have my first question.
How it can be done to secure the Moode Audio Player from other people in the same wifi/network?
My player runs in a office network with many other people in the same network (up to 50 mobile devices) and i do not want that anyone can controls the device outside from my department.
First networkscan lists open ports -> ngix (80 & 443) , ssh (22), mpd (6600) and airplay (5000).
SSH are protectet with a passwort (change it already). Airplay i have edit the config file from shairport and add a passwort. Works great.
Does anyone have an trick to protect the mpd server? If i edit the mpd config and insert a passwort the webgui can not open playlists and control the mpd server.
Last step, the webgui. I know basicly on apache to create virtual hosts with htpasswd file, make redirect to https and import an self signed ssl certificate (to protect the password input if anyone scans the network with wireshare) - but not on ngix (i can google it thats not the problem but i want to know if it works flawless with the gui after i protect the ngix webserver).
Other idea that i had was to protect the hole pi with iptables and mac filterlist, that only certified mac´s can interact with the pi network interface. (i know its not realy hard to spoof the mac with wireshark, but basicly it would be enough protection for me)
Setup: Raspberry 4 with Hifiberry DAC on release 6.7.1 2020-07-22
Thanks for helping.
Best regards
Patrick
and by the way: Nice work with moode 7 @ MoodeAudio Team
