diff options
author | ArthurHoaro <arthur@hoa.ro> | 2016-08-03 10:36:47 +0200 |
---|---|---|
committer | ArthurHoaro <arthur@hoa.ro> | 2016-08-03 10:36:47 +0200 |
commit | 50d179183810a7b719bc10da2b9c4a95fd9dddee (patch) | |
tree | e669db360950025b4b6534075e940f532b0f00f3 /doc/Server-security.html | |
parent | c7a42ab1d9b21bf53cd30bc57b57789716c8711b (diff) | |
download | Shaarli-50d179183810a7b719bc10da2b9c4a95fd9dddee.tar.gz Shaarli-50d179183810a7b719bc10da2b9c4a95fd9dddee.tar.zst Shaarli-50d179183810a7b719bc10da2b9c4a95fd9dddee.zip |
Add trusted IPs in config and try to ban forwarded IP on failed login
* Add a new settings (which needs to be manually set): `security.trusted_proxies`
* On login failure, if the `REMOTE_ADDR` is in the trusted proxies, try to retrieve the forwarded IP in headers.
* If found, the client address is added in ipbans, else we do nothing.
Fixes #409
Diffstat (limited to 'doc/Server-security.html')
0 files changed, 0 insertions, 0 deletions