It is possible to use SSH tunneling to access http resources over an SSH connection. This means that the firewall can block all incoming HTTP requests over WAN and accept only SSH requests. Once the SSH connection is established (it is believed to be secure as the public and private keys must match), it is possible to forward requests over the tunnel to get HTTP access.
For this to work, you need to have configured SSH access to your router first and enable the rule AcceptSSHWAN in Network > Firewall > Traffic rules:
Configuration on Linux/Mac
On Linux/Mac, the port forwarding can be triggered by executing following command:
ssh -L 8080:127.0.0.1:80 root@<public_ip_of_router>
Configuration on Windows
On Windows computers, you need to add the port forwarding settings in Connection > SSH > Tunnels.
Source port is 8080
Destination is 127.0.0.1:80 Local.
Click Add and then Open.
Test HTTP access over the SSH tunnel
Once this is configured, you will be able to go to your preferred browser and get access to your router by entering URL http://127.0.0.1:8080
This way, it is possible to reject HTTP requests and grant access to the web interface to authorized users only (i.e. the ones with an allowed SSH key).