aMule Bug Tracker - aMule
View Issue Details
0000955aMulePreferencespublic2006-08-29 10:192017-05-30 08:49
0000955: add option to specify listening address for amuleweb
It is possible to specify an address on which amule(d) listens as ECServer but it is not possible to specify the address on which amuleweb listens.
Could be used to allow the web only on one interface of machines that have several interfaces, or to allow only local connections so that it is possible to connect only from localhost or through ssh tunnels.
configure, connection
Issue History
2006-08-29 10:19hramrachNew Issue
2006-08-29 10:19hramrachOperating System => Any
2006-08-31 12:36KryStatusnew => assigned
2006-08-31 12:36KryAssigned To => Kry
2006-09-26 05:07KryPrioritynormal => high
2006-11-09 22:40pcmasterNote Added: 0002157
2006-11-09 22:40pcmasterNote Deleted: 0002157
2011-01-29 17:47bugmiNote Added: 0003534
2017-05-30 08:10uqbarNote Added: 0003702
2017-05-30 08:31uqbarNote Edited: 0003702bug_revision_view_page.php?bugnote_id=3702#r18
2017-05-30 08:35uqbarTag Attached: configure
2017-05-30 08:35uqbarTag Attached: connection
2017-05-30 08:49uqbarNote Edited: 0003702bug_revision_view_page.php?bugnote_id=3702#r19

2011-01-29 17:47   
Nothing yet? it would be really useful.
2017-05-30 08:10   
(edited on: 2017-05-30 08:49)
This is actually a major bug to be addressed asap.

It's a real bug as the amule.conf file has an ECAddress setting to limit the "external connections" address, but amuleweb is happily ignoring it and is not able to connect unless it's unset!

And it's a security bug as well. The web UI has no encryption (aka SSL) and opening a web UI over any network without encryption is a security nightmare.

Now, besides adding encryption, there's an easy solution: fix just this bug.

Let amuleweb listen on loopback only at any address from to
Then open an SSH TCP port forward/SOCKSv5 proxy from remote client to the amuleweb host.
This should add very strong encryption to amuleweb with just a tiny fix.

Maybe the offendig code is here:

file:src/sebserver/WebServer.cpp, line 285

        amuleIPV4Address addr;

it looks like it's setting the listening address to .
What's hard to find to me (so far) is where it's connecting to for amuled.