Hosting website on USB stick

okw · August 18, 2022, 11:19am

What is the best way of securely setting up my 2011UiAS to host a very small (and and low traffic) web site? I have static IP.
It’s small and has like 5-10 visits a day. We have two computers connected at all the times, but would the built-in USB be more secure? Putting the 2-3MB website on a USB stick and mount this?

k6ccc · August 18, 2022, 2:36pm

Pretty straight forward. Set up a NAT forward for port 80 (and 443 if you have it secured) to whatever computer runs the web server.

add action=dst-nat chain=dstnat comment="Web Server on Jupiter." \
    dst-address-type=local dst-port=80 in-interface=Fiber_Internet protocol=tcp \
    to-addresses=192.168.201.11 to-ports=80

If you don’t have an allow anything DST NATted firewall rule, you need to specifically allow traffic to the web server. In my case, I have an allow all DST NATted.

add action=accept chain=forward comment="Accept all that is DST NATed" \
    connection-nat-state=dstnat connection-state=new

I’m not sure I understand what you mean by putting the web site on a USB drive. You need a computer running a web server - not just the web files. In my case, I am using Apache on my Windows server named Jupiter. For a lightly used website as you describe, you could easily use a RaspBerry Pi as the web server.

jvanhambelgium · August 18, 2022, 3:17pm

Too bad you have a 2011 that cannot run “containers” , that is a MIPS platform, you need ARM/ARM64/x64 for containers.
Otherwise that would have been your best option.

You also might want to experiment with the “proxy” feature of RouterOS, but make changes to all your webpages (Cache-Control directives) but I’m afraid the maximum value is 604800 (= 7 days) then any proxy will flush it and re-fetch it from the origin. If you manage to get ALL the “objects” of you small website in the cache and serve only from the cache … you “kind of” have some webserver but I have my doubts if it will work in practice. A very,very simple website only with some static ojects might work but…

So besides this I have no ideas how to accomplish this. You cannot “use” the webservice on RouterOS that serves “Webfig” for these purposes. That would be a complete security loophole. I don’t think you can “serve” other files than webfig and you do not have access to these files from RouterOS I believe.

bpwl · August 18, 2022, 4:45pm

Only need to share the files on the USB stick (SMB drive?), and be aware of the limitations

https://superuser.com/questions/543744/can-static-websites-be-viewed-without-a-server

BartoszP · August 19, 2022, 5:49am

IMHO it’s much better to buy Raspberry Pi and host a full WWW server on it. More flexible.

bpwl · August 19, 2022, 9:12am

ESP32 would be cheaper

https://lastminuteengineers.com/creating-esp32-web-server-arduino-ide/

pe1chl · August 19, 2022, 11:59am

But a 2011 can run MetaROUTER! That existed a decade before containers.
Of course you need some perseverance to get a webserver working in a custom MetaROUTER image, but it would be the same for containers.