Ensure BlockUntrustedProxyHeaders is enabled by default

2024-10-22 17:05:33 +02:00 · 2015-05-29 11:46:47 +12:00 · 2015-05-29 11:46:47 +12:00 · d467b16bf2
commit d467b16bf2
parent e759ffbcdc
1 changed files with 1 additions and 1 deletions
--- a/.htaccess
+++ b/.htaccess
@ -27,7 +27,7 @@ ErrorDocument 500 /assets/error-500.html
 	# Ensure that X-Forwarded-Host is only allowed to determine the request
 	# hostname for servers ips defined by SS_TRUSTED_PROXY_IPS in your _ss_environment.php
 	# Note that in a future release this setting will be always on.
-	#SetEnv BlockUntrustedProxyHeaders true
+	SetEnv BlockUntrustedIPs true
 </IfModule>

 <IfModule mod_rewrite.c>