Hello everybody,
I just developed a domotic application with Arduino Yun, which exposes a web page at the url:
http://yun_ip_address/sd/myapp/index.html.
I configured port forwarding on my router/firewall to access Yun from outside home LAN.

Everything is working fine, but I am a bit worried about unwanted access to my web panel, which controls some hardware in my home.

First of all, I tried to set up restricted access by using .htaccess and .htpasswd files, but I didn't succeed,
is uhttpd service capable of managing it ? What am I missing to make it work ? Any hint on some smart solution to restrict access ?

Second: my app is sharing the same web server of the management interface, I would like to close it completely, to avoid that pointing to the url http://yun_ip_address/ drives the visitor to the Yun configuration interface. In other words restrict the access to the /sd/myapp only.

Thanks in advance,
Dk

Hi, at least I managed to disable the wifi, but I'm still worried about web server vulnerabilities.
Is there a way to perform a deep check ?

Thanks and bye,
Dk

deep

isn't a technical term but it sounds like you could use a probe. nmap will do a network probe, and w3af will probe webapps. ... but none of these things are specific to Arduino.