Category: OpenWRT
-
Setting up Quad9 as Default DNS in OpenWrt
✅ What Works Well (Best Practices) 1. Set Quad9 DNS in the WAN Interface (IPv4 & IPv6) This ensures your router forwards DNS requests only to Quad9, preventing ISP DNS leakage. 2. Configure DHCP Option 6 in LAN Interface 3. Leave LAN Custom DNS Servers Field Empty (also check if adding quad9 IPs works complementary)…
-
Secure access OpenWRT
For openwrt devices exposed directly to the internet such as in a DMZ and need to have ssh access without compromising too much, we will have to follow these steps to achieve some basic security. Internet traffic is very much infested with bots trying to brute force into systems so this is a small but…
-
USB Mass Storage Devices compatibility – OpenWRT
To enhance compatibility with USB 3.0 mass storage devices on OpenWRT, you may need to install specific kernel modules and packages. Here are the general steps to maximize compatibility: Install USB Support Packages: Install USB 3.0 Driver: USB 3.0 support may require additional kernel modules. Install the appropriate package based on your hardware. For many…
-
Haproxy.cfg configuration for acme challenge – openwrt
Updated configuration file for haproxy in openwrt. The acme-challenge was improved by having dedicated acls for each webserver containing a list of their own domains to redirect certbot traffic to another dedicated backend where those domains get their ssl certificates. Normal https traffic is redirected to individual backends. Explanation of Configuration:
-
haproxy – Reverse proxy ssl pass-through (OSI 4) – OpenWRT
Useful haproxy.cfg file for your reverse proxy needs with some added security. In frontend stats you need to change the default username:password to securely access (locally) the statistics webui at port 9000 or any other port you choose. This configuration is great if you have multiple domains behind a router and was built for openwrt…