Is OpenWRT 4/32 too small?
The problem is that your router appears to be a 4/32 unit, which is too small for running OpenWrt with OpenVPN installed (and there is no USB port to enable extroot).
Does OpenWRT protect from hacked servers?
It does nothing to protect the server from being hacked. If you have the OpenWrt router connected to the main network through its WAN, (double-NATting), you have to open a port on the WAN to allow SSH in. The OpenWrt router's LAN address does not matter. Internet (public IP) -> main router -> Open Wrt's WAN IP on the main router's LAN -> Openwrt ...
Is Luci secure over the internet?
Make sure that Luci works with https, it is not secure to connect over the internet with http. It is not recmmonded to open LuCI on WAN because - even if HTTPS is used, the interface can be Brute Forced, then your router is p0wned. A VPN should be used, especially if you do not wish to use the built in SSH.
Does OpenWRT WAN address matter?
The OpenWrt router's LAN address does not matter. Internet (public IP) -> main router -> Open Wrt's WAN IP on the main router's LAN -> Openwrt WAN -> Dropbear SSH. Forward a port from the Internet to port 22 at the OpenWrt router's IP known above. It is best not to use port 22 on the Internet, it will get probed a lot.
Is 192.168.100.0/24 under your control?
Yes (for security purposes, this still means that the network 192.168.100.0/24 should be under your control): config rule option target 'ACCEPT' option src 'wan' option proto 'tcp' option dest_port '80' option src_ip '192.168.100.0/24' option name 'WAN_LuCI'. SSH or VPN is the only secure way to do this.
Step 1: I Assume, That You Have OpenWrt Already...
I had to install OpenWrt first... Mostly, I followed this guide (specific for this router model): https://dzone.com/articles/hacking-into-xiaomi-mi-... While working on this, I found this awesome video: Openwrt installation, WiFi benchmark, Girlfriend Flashing. Wow I laughed so hard! :)
Step 2: Software and Tools
On the smartphone side, I'm using Blynk. It provides iOS and Android apps to control any hardware. You can easily build beautiful graphic interfaces for all your projects by simply dragging and dropping widgets, right on your smartphone. Blynk is mostly used with Arduino, Raspberry Pi, etc. But why not running it on the router itself? ;)
Step 4: Adding Some Info: Number of Clients, WAN IP Address, Uptime
The basic idea is to get the info from the OS periodically, perform some simple computations if needed, and then send the result to Blynk for display.
Step 7: HDD Spinning Status
My router has an external HDD drive connected as a Network Attached Storage device. The thing is, this drive is configured to start spinning when someone accesses it, and to suspend after a timeout.
Step 8: Network Activity Chart
We Create another SuperChart widget (similar to previous one), Add TX and RX datastreams, and assign to V1 and V2. Note: I want to display WAN port statc, and my WAN port is eth0.2
Step 9: Notifications
I also wanted to be notified when my Router looses power or internet connection. For this, we need Notification widget.
Step 10: Autorun in Background
For now the script has to be manually executed, but I want to make it run in background automatically when router is powered up.