gdorn/FreshRSS-Extensions
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Apache: disallow access to local resources

Browse source
This commit is contained in:
root 2020-04-05 19:59:45 +02:00
parent cc24497c5c
commit 5881c20661
1 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
xExtension-ImageProxy/README.md
View file

@ -45,8 +45,8 @@ Along the following Apache configuration for the `www.example.org` virtual host:
RewriteRule ^ https://%1 [QSA,P,L] RewriteRule ^ https://%1 [QSA,P,L]
RewriteCond %{REQUEST_URI} ^/proxy/http:/+(.*)$ RewriteCond %{REQUEST_URI} ^/proxy/http:/+(.*)$
RewriteRule ^ http://%1 [QSA,P,L] RewriteRule ^ http://%1 [QSA,P,L]
# CRITICAL: Do NOT leave your proxy open to everyone!!!
<Location "/proxy/"> <Location "/proxy/">
# CRITICAL: Do NOT leave your proxy open to everyone!!!
# Local network # Local network
Require ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 Require ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8
# Users # Users
@ -58,4 +58,8 @@ Along the following Apache configuration for the `www.example.org` virtual host:
# Local network OR authenticated users # Local network OR authenticated users
Satisfy any Satisfy any
</Location> </Location>
# CRITICAL: Do NOT allow access to local resources!!!
<LocationMatch "^/proxy/.*(localhost|127\.0\.0\.1|::1|local\.domain)">
Require all denied
</LocationMatch>
``` ```