Enforce trusted proxy servers
This commit is contained in:
Damian Mooyman
parent
9f686e0908
commit
e759ffbcdc
|
|
@ -23,6 +23,13 @@
|
|||
ErrorDocument 404 /assets/error-404.html
|
||||
ErrorDocument 500 /assets/error-500.html
|
||||
|
||||
<IfModule mod_env.c>
|
||||
# Ensure that X-Forwarded-Host is only allowed to determine the request
|
||||
# hostname for servers ips defined by SS_TRUSTED_PROXY_IPS in your _ss_environment.php
|
||||
# Note that in a future release this setting will be always on.
|
||||
#SetEnv BlockUntrustedProxyHeaders true
|
||||
</IfModule>
|
||||
|
||||
<IfModule mod_rewrite.c>
|
||||
|
||||
# Turn off index.php handling requests to the homepage fixes issue in apache >=2.4
|
||||
|
|
|
|||
Loading…
Reference in New Issue