No access to web interface outside of the phone

Is there a reason why the web interface of syncthing on Android is not exposed outside of the phone itself?

I can remotely get to all web endpoints on all my devices, except my phone.

Is this a limitation of Android or was the binding done only on 127.x for some reason?

In the Settings->GUI App Settings → Syncthing Options → GUI Listen Address panel you can change the listening address from 127.0.0.1:8384 to 0.0.0.0:8384 and then it does work.

1 Like

The app overrides that. The address can be changed, but you need to do it in the app settings, not the Web GUI. Already fixed in the post above :slight_smile:.

On a side note, in the Web GUI, you can use :8384 and it will automatically resolve to 0.0.0.0:8384, but in the app settings, you need to input 0.0.0.0:8384 explicitly. If you input just the port, the GUI will fail to load.

The GUI is limited to 127.0.0.1/localhost by default everywhere (see https://docs.syncthing.net/intro/getting-started.html). This isn’t something specific to Android. Have you maybe encountered any third party installations/wrappers which used different settings?

2 Likes

Thanks you @er-pa and @tomasz86 for the answers. Updating the configuration, changing the password and restarting worked.

The GUI is limited to 127.0.0.1 /localhost by default everywhere (see Getting Started — Syncthing documentation). This isn’t something specific to Android. Have you maybe encountered any third party installations/wrappers which used different settings?

Well, I was under the impression that my Linux devices (Arch, Debian, RaspberryOS) used a 0.0.0.0 setting out of the box. I am probably mistaken and memory fails me - I must have set that manually.

What is a bit surprising is that I would naturally have gone to my Android Syncthing settings to switch to 0.0.0.0 if I would have remembered that I did it elsewhere. It must be the age showing :face_with_diagonal_mouth:

I just checked and SyncTrazor is on 127.0.0.1 but I would not have tried to changed that anyway because it is my central machine for tinkering (i.e. I do not need to access its web interface remotely ever)

That as default would be very unsafe, especially on public Wi-Fi and similar :face_with_open_eyes_and_hand_over_mouth:. Syncthing actually displays a large warning message if you attempt to change the address to 0.0.0.0 with no username and password set in the GUI.

I totally agree.

I did see that message on all my devices, including the Linux ones (and I disabled the message because it is not relevant in my case). If it appears after a manual override of a default 127.0.0.1 binding, it means that I indeed must have changed it on the Linux boxes and forgot about that.

I will be doing a DRP test of my home systems and services soon, I will test that comprehensively then.