--- Name: requestprocessors --- SilverStripe\Core\Injector\Injector: SilverStripe\Control\Director: # Note: Don't add 'class' config here, as it will affect ErrorDirector as well properties: Middlewares: TrustedProxyMiddleware: '%$SilverStripe\Control\Middleware\TrustedProxyMiddleware' AllowedHostsMiddleware: '%$SilverStripe\Control\Middleware\AllowedHostsMiddleware' SessionMiddleware: '%$SilverStripe\Control\Middleware\SessionMiddleware' RequestProcessorMiddleware: '%$SilverStripe\Control\RequestProcessor' FlushMiddleware: '%$SilverStripe\Control\Middleware\FlushMiddleware' HTTPCacheControleMiddleware: '%$SilverStripe\Control\Middleware\HTTPCacheControlMiddleware' CanonicalURLMiddleware: '%$SilverStripe\Control\Middleware\CanonicalURLMiddleware' SilverStripe\Control\Middleware\AllowedHostsMiddleware: properties: AllowedHosts: '`SS_ALLOWED_HOSTS`' SilverStripe\Control\Middleware\TrustedProxyMiddleware: properties: TrustedProxyIPs: '`SS_TRUSTED_PROXY_IPS`' SecurityRateLimitMiddleware: class: SilverStripe\Control\Middleware\RateLimitMiddleware properties: ExtraKey: 'Security' MaxAttempts: 10 Decay: 1 RateLimitedSecurityController: class: SilverStripe\Control\Middleware\RequestHandlerMiddlewareAdapter properties: RequestHandler: '%$SilverStripe\Security\Security' Middlewares: - '%$SecurityRateLimitMiddleware' --- Name: errorrequestprocessors After: - '#requestprocessors' --- SilverStripe\Core\Injector\Injector: # Note: If Director config changes, take note it will affect this config too SilverStripe\Core\Startup\ErrorDirector: '%$SilverStripe\Control\Director' --- Name: canonicalurls --- SilverStripe\Core\Injector\Injector: SilverStripe\Control\Middleware\CanonicalURLMiddleware: properties: ForceSSL: false ForceWWW: false --- Name: httpcache-dev Only: environment: dev --- SilverStripe\Core\Injector\Injector: SilverStripe\Control\Middleware\HTTPCacheControlMiddleware: Properties: Enabled: false