Author Topic: HOWTO: qBittorrent WebUI + Apache (with notes on utorrent)  (Read 17523 times)

onemyndseye

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
HOWTO: qBittorrent WebUI + Apache (with notes on utorrent)
« on: October 06, 2010, 04:09:26 AM »
I spent days beating my head against the desk trying to make this work so I thought i would share :) These steps are relative to Ubuntu Lucid but should point users of other distro's in the right direction

My need was to block everything but localhost access to qbitt's WebUI and make it available as /torrent/ on my local apache web server.  I used mod_proxy to make this work.

First off we will need both mod_proxy and mod_xml2enc...


For mod_proxy:
Code: [Select]
sudo apt-get install libapache2-mod-proxy-html

For mod_xml2enc
Code: [Select]
sudo apt-get install apache2-prefork-dev
mkdir ~/modbuild/ && cd ~/modbuild/
wget http://apache.webthing.com/svn/apache/filters/mod_xml2enc.c
wget http://apache.webthing.com/svn/apache/filters/mod_xml2enc.h
apxs2 -aic -I/usr/include/libxml2 ./mod_xml2enc.c
cd ~
rm -rfd ~/modbuild/
sudo service apache2 restart


Now for the apache configs.   There are many many ways to do this and keep in mind this is deployed on a small intranet with only small needs for security.  I would enjoy hearing tips from others about access control to the /torrent/ location.  The following must be added to an existing vhost (my use case) or to a newly created one as it will not work outside of VirtualHost directives...

The basic config for qbitt's WebUI commented for clarity.
Code: [Select]
 ProxyRequests off
  <Proxy *>
      allow from all
  </Proxy>

  ## We need to transpose requests to WebUI's command scripts
  ## to the new location /torrent/command and feed it through
  ## the proxy denoted by [P]
  RewriteEngine On
  RewriteRule ^/command/?(.*)$ /torrent/command/$1 [P]

  ## The new location for WebUI. 127.0.0.1:9000 is where my
  ## WebUI resides.  Change these details to match your own needs
  <Location /torrent/>
        ProxyPass http://127.0.0.1:9000/
        ProxyPassReverse http://127.0.0.1:9000/
  </Location>


The same will work for Utorrent with some slight mods:
Code: [Select]
 ProxyRequests off
  <Proxy *>
      allow from all
  </Proxy>

  RewriteEngine On
  RewriteRule ^/gui/?(.*)$ /torrent/gui/$1 [P]
  <Location /torrent/>
        ProxyPass http://127.0.0.1:9000/gui/
        ProxyPassReverse http://127.0.0.1:9000/gui/
  </Location>


Restart apache and you should be able to access WebUI through http://http://yourlocalwebserver/torrent/


** Additional notes:  

I use a small self written portal to control access to my intranets webserver and I have been experimenting with some access control methods.


This is what I have so far...  Requests to /torrent/ are only allowed if referred from the portal home page and if the Request is successful I add the correct Authorization header so that entering user/pass is not needed.

Again commented for clarity
Code: [Select]

ProxyRequests off
<Proxy *>
    allow from all
</Proxy>

###  Rewrite all requests not being referred from /portal/home.php
### back to the portal login page. I admit this is all abit hackish
RewriteEngine On
RewriteCond %{THE_REQUEST} "GET /torrent/ HTTP/1.1"  [NC]
RewriteCond %{HTTP_REFERER} !^(.*)/portal/home.php [NC]
RewriteRule ^.*$ /index.php [R=301,L]

RewriteRule ^/command/?(.*)$ /torrent/command/$1 [P]
<Location /torrent/>
  ##  Add the Auth header.  My details have been scrambled.  To get a
  ## header thats correct for your setup use the following:
  ## curl -v --digest -u youruser http://127.0.0.1:9000/ |grep Auth
  ##
  ## uri=%{REQUEST_URI}e to supply the header with the correct Request URL
  ## every time a document is requested.
  RequestHeader add Authorization "Digest username="user", realm="Web UI Access", nonce="XXXX", uri=%{REQUEST_URI}e cnonce="XXX", nc=XXX, qop="auth", response="XXX", opaque="XXX", algorithm="MD5""
  ProxyPass http://127.0.0.1:9000/
  ProxyPassReverse http://127.0.0.1:9000/
</Location>



That should get you pointed in a working direction :)  Hope this helps
-onemyndseye
« Last Edit: January 01, 1970, 01:00:00 AM by Guest »

Peter

  • Administrator
  • Forum addict
  • *****
  • Posts: 1552
  • Karma: +37/-2
    • View Profile
Re: HOWTO: qBittorrent WebUI + Apache (with notes on utorre
« Reply #1 on: October 06, 2010, 08:01:22 AM »
Stickied. :) I'll create a HOWTO section if we'll have some more later.

Thank you.
« Last Edit: January 01, 1970, 01:00:00 AM by Guest »
- qBittorrent team - server and forum administrator.
- Hungarian translation reviewer/moderator (+ translator).

Join the official qBittorrent Discord!
https://discord.gg/ma66Vv4

onemyndseye

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: HOWTO: qBittorrent WebUI + Apache (with notes on utorre
« Reply #2 on: October 06, 2010, 11:04:35 AM »
very welcome :)


Further investigation of adding the Auth record to the header automatically is NOT reliable.  Either I am not doing something right (quite possible) or this method will not work.  Either way the rest of the method works nicely.
« Last Edit: January 01, 1970, 01:00:00 AM by Guest »

onemyndseye

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: HOWTO: qBittorrent WebUI + Apache (with notes on utorre
« Reply #3 on: November 05, 2010, 11:24:37 PM »
Just an update on this:


I ended up recompiling qBT and removed web auth from it completely.   That way my users, who are auth'ed under SSL already, can go straight in.
« Last Edit: January 01, 1970, 01:00:00 AM by Guest »

qwertymanna

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: HOWTO: qBittorrent WebUI + Apache (with notes on utorrent)
« Reply #4 on: January 26, 2012, 04:23:04 PM »
thanks for this post
I've set up my apache in this way, everything works exept upload .torrent files.
apache error.log tell me:
Code: [Select]
[error] (103)Software caused connection abort: proxy: pass request body failed to 127.0.0.1:9000 (127.0.0.1)
[error] proxy: pass request body failed to 127.0.0.1:9000 (127.0.0.1) from 127.0.0.1 ()
It happens only when I use "Download Local Torrent"


travisjayclark

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: HOWTO: qBittorrent WebUI + Apache (with notes on utorrent)
« Reply #5 on: May 25, 2016, 06:41:23 PM »
Sorry If this sounds uninformed- But,

What is the benefit of running the webUI through an Apache webserver rather than just using the built in webUI functionality?  Is it some sort or security thing?  Can't see why you'd want to actually serve your torrent webUI to the external internet for large amounts of people to use.  I just sounds really cool and I want to know the reasoning behind it- what this solves for, because I probably have the same issue and just don't know it.

KitKat

  • Veteran
  • ***
  • Posts: 344
  • Karma: +26/-0
  • Here i stand with my bayonet...
    • View Profile
Re: HOWTO: qBittorrent WebUI + Apache (with notes on utorrent)
« Reply #6 on: May 25, 2016, 07:27:08 PM »
Sorry If this sounds uninformed- But,

What is the benefit of running the webUI through an Apache webserver rather than just using the built in webUI functionality?  Is it some sort or security thing?  Can't see why you'd want to actually serve your torrent webUI to the external internet for large amounts of people to use.  I just sounds really cool and I want to know the reasoning behind it- what this solves for, because I probably have the same issue and just don't know it.

As i understand it
Hes removed standard webui authentication and is using SSL authentication.
People authenticate with his webserver gain access to the /torrent/ directory and can use the webui.
Without the SSL authentication his webserver will serve people a forbidden error.

This is a far more secure implementation than the password/cookie system qbittorent uses because of how its implemented.
Btw standard webui also serves your UI to the internet if you port forward it, that is its purpose in life after all..

He's probably providing a seedbox service or something similar.

/e: It also allows him to host it on an actual website as a service in addition to other things.
Eg he could very well be hosting a linux/free movies/something not illegal related forums site and VIP members get access to the /torrents/ page.
« Last Edit: May 25, 2016, 07:33:17 PM by KitKat »
The following BBC is not allowed within your signature: html, img, php.

egandt

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: HOWTO: qBittorrent WebUI + Apache (with notes on utorrent)
« Reply #7 on: June 20, 2016, 01:34:52 AM »
I've spent the last 2 days fighting with qbittorrent 3.3.4 and Apache 2 on Ubuntu 16.04, I have qbitttorent running great on port 4545 so I can access it using:
http://localhost:4545/

Now I need to access it through Apache, as this is localhost only and I need remote access only accessible via SSL and Apache.

I've followed the instruction, and enable mod_rewrite and mod_xml2enc as well as mod_proxy and created a rule for qbittorrent:

                RewriteEngine On
                LogLevel alert rewrite:trace3
                RewriteRule ^/command/?(.*)$ /torrent/command/$1 [P]
                <Location /torrent>
                        Require all granted
                        ProxyPass http://127.0.01:4545/
                        ProxyPassReverse http://127.0.01:4545/
                </Location>

Now if I access it as using https://10.120.25.62/torrent/ I get a blank screen.  Now I've spent two days off and on playing with getting it to work, and simply put I can not get it to work at all.  Can someone post a functional apache2 configuration that works with qbittorrent 3.3.X as, I've exhausted all options I have to getting it to work.

Thanks,
ERIC