diff options
author | Pedro Alvarez <pedro.alvarez@codethink.co.uk> | 2016-04-27 17:52:33 +0100 |
---|---|---|
committer | Pedro Alvarez <pedro.alvarez@codethink.co.uk> | 2016-04-27 17:59:58 +0100 |
commit | 563d46cb9b78a1617708f6bd4e47c1960b3038e8 (patch) | |
tree | 0ae4a2fc94e9fcd03578c14a5af6f59435151773 | |
parent | 5c1440dc02e4cb2677ad404b77a8901dd60a696f (diff) | |
download | lorry-controller-563d46cb9b78a1617708f6bd4e47c1960b3038e8.tar.gz |
Bind webapp server on 127.0.0.1 by default
Most of us thought this was the default configuration,
but it wasn't.
This change means that the webapp service will only be accessible
from the same host that is running it, making it more secure.
Thanks to Ben Brown for finding this error.
Change-Id: I27f6604a0ebc7a093b63b11345b9c8963ed91c18
-rw-r--r-- | etc/lighttpd/lorry-controller-webapp-httpd.conf | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/etc/lighttpd/lorry-controller-webapp-httpd.conf b/etc/lighttpd/lorry-controller-webapp-httpd.conf index ec92783..319c8ec 100644 --- a/etc/lighttpd/lorry-controller-webapp-httpd.conf +++ b/etc/lighttpd/lorry-controller-webapp-httpd.conf @@ -1,5 +1,6 @@ server.document-root = "/var/www/htdocs" +server.bind = "127.0.0.1" server.port = 12765 server.username = "lorry" @@ -15,7 +16,7 @@ mimetype.assign = ( ".css" => "text/css" ) -$SERVER["socket"] == ":12765" { +$SERVER["socket"] == "127.0.0.1:12765" { server.username = "lorry" server.groupname = "lorry" fastcgi.server = ( |