Disabling insecure http://mykite.pagekite.me
Hi,
I'd like to use pagekite to expose some internal services running on a Raspberry Pi at home behind a NAT, so that I can also access them from the Internet when I'm not at home. I thought the easiest way would be to have the service listen to insecure http port 80 and let pagekite handle https.
The simplest setting in /etc/pagekite.d/80_httpd.rc actually seems to serve the purpose:
service_on = http:@kitename : localhost:80 : @kitesecret
I can then access my webpage from https://mykite.pagekite.me I believe at this point I could either add some basic HTTP authentication to either the pagekite service or my webserver. Either way, I wouldn't want the authentication password to be sent unencrypted over HTTP. Is there any way I can disable plain http access?
If I change the above line to the following: service_on = https:@kitename : localhost:80 : @kitesecret
My browser complains that "SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG".
Any suggestions?
Support
Links
The Beanstalks Project ehf.
Comments
service_on = http-443:@kitename : localhost:80 : @kitesecret
This will restrict the kite to only be served over port 443 (disabling port 80).
Notice how this will not strictly prevent plain HTTP from running -- technically, you could still access it insecurely over HTTP through port 443 (http://mykite.pagekite.me:443/).
This should however be sufficient to avoid the most common mistakes.