List of routes for firewall?
ebai101 opened this issue · comments
I'm running a Docker instance with a single user page. I have it set as the home page, so the TLD points directly to that user page. I want to put the admin tools behind a firewall so that only the user page is publicly accessible.
So far it seems like these routes need to be public:
mydomain.com
mydomain.com/going/*
and these should be private:
mydomain.com/dashboard
mydomain.com/admin/*
mydomain.com/studio/*
mydomain.com/update
Am I missing anything? Is there a list somewhere I could refer to? Thanks!
Should be possible. I asked ChatGPT and he gave me the following. (Both are not tested.)
NGINX:
server {
    listen 80;
    server_name your_domain.com;

    location / {
        # Allow access to everyone
        allow all;
        # Other configuration for the root location
        # ...
    }

    location /admin {
        # Allow access only from the specified IP range (192.168.1.0/24 in this case)
        allow 192.168.1.0/24;
        # Deny access to everyone else
        deny all;
        # Other configuration for the /admin location
        # ...
    }

    # Additional server configurations...
}
Apache2:
<VirtualHost *:80>
    ServerName your_domain.com
    DocumentRoot /var/www/html

    <Directory "/var/www/html">
        Require all granted
        # Other configuration for the root directory
        # ...
    </Directory>

    <Location "/admin">
        # Allow access only from 192.168.1.x; everyone else is denied.
        # Apache 2.4 syntax, consistent with "Require all granted" above
        # (replaces the 2.2-style Order/Deny/Allow directives).
        Require ip 192.168.1
        # Other configuration for the /admin location
        # ...
    </Location>

    # Additional virtual host configurations...
</VirtualHost>
Thanks, I appreciate it - not what I'm looking for though. I'm trying to find a complete list of routes used by LinkStack, and these config files don't have that information.
All the routes should be here. I did a quick look and it seems that every route is mentioned. BTW, every route begins with a /, like /dashboard or /login.
That is correct, all routes are here: https://github.com/LinkStackOrg/LinkStack/tree/main/routes.
We don't have a complete list of routes.
I'd recommend blocking all routes other than:
mydomain.com
mydomain.com/going/* is not required anymore since the latest version.
I'm not sure if you need to unblock the assets routes to load.
mydomain.com/assets/*
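
The default-deny layout recommended above, written as an nginx reverse-proxy configuration. This is an added example, not part of the thread and not LinkStack's own configuration; the upstream address 127.0.0.1:8080 and the admin network 192.168.1.0/24 (the range used in the earlier NGINX snippet) are assumptions.

```nginx
# Added example. Assumed values: upstream 127.0.0.1:8080, admin network
# 192.168.1.0/24. Neither comes from LinkStack's documentation.
upstream linkstack {
    server 127.0.0.1:8080;
}

server {
    listen 80;
    server_name mydomain.com;

    # Inherited by every location below. Overwrites any client-supplied
    # X-Forwarded-For instead of appending to it.
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $remote_addr;

    # Public: exact match on "/" only (the user page set as home page).
    # "/dashboard", "/admin/...", "/studio/...", "/update" do not match here.
    location = / {
        proxy_pass http://linkstack;
    }

    # Public: static assets. The thread leaves open whether this is needed;
    # remove this block if the page renders without it.
    location ^~ /assets/ {
        proxy_pass http://linkstack;
    }

    # Default: every other route, including ones not listed in the thread,
    # is reachable from the admin network only.
    location / {
        allow 192.168.1.0/24;
        deny all;
        proxy_pass http://linkstack;
    }
}
```

`allow` and `deny` evaluate the connecting address, so if nginx sits behind another proxy or CDN the check sees that proxy's IP unless the realip module is configured. Publish the container port on 127.0.0.1 only, so the application cannot be reached around nginx.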