Restrict access to Volumio

Diy and Tweaks Diy and Tweaks
1

Sometimes you just don’t want everyone to have access to your Volumio interface. This very simple method will ask for a username/password:

Create a file in /var/www called login.php with

sudo nano /var/www/login.php

Insert the following text:

and save the file (Ctrl+X, Y, Enter)

Change the file /var/www/index.php

sudo nano /var/www/index.php

Change the following lines:

to:

The next time you start browsing to Volumio it will ask you for a username/password which in this case is music/player
(can be changed in the first line of the php code in login.php)

4

It would be nice if that worked but Volumio doesn’t use /var/www but /static/volumio/http with the javascript express web server thingy.

If someone finds out how to run php code, the code above is easily changed to a ip-whitelist. E.g.

<?php $ip_access = array(
    "127.0.0.1",   // localhost
    "192.168.0.2", // he
    "192.168.0.3", // she
    "192.168.0.4"  // it
    );

$ip_user = $_SERVER['REMOTE_ADDR'];

if (!in_array($ip_user, $ip_access))
{
    header('WWW-Authenticate: Basic realm="MusicPlayer"');
    header('HTTP/1.0 401 Unauthorized');
    die("Not authorized");
} ?>