Giters

LinkStackOrg / LinkStack

LinkStack - the ultimate solution for creating a personalized & professional profile page. Showcase all your important links in one place, forget the limitation of one link on social media. Set up your personal site on your own server with just a few clicks.

Home Page:https://linkstack.org

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

List of routes for firewall?

ebai101 opened this issue · comments

commented

I'm running a Docker instance with a single user page. I have it set as the home page, so the TLD points directly to that user page. I want to put the admin tools behind a firewall so that only the user page is publicly accessible.

So far it seems like these routes need to be public:

mydomain.com
mydomain.com/going/*

and these should be private:

mydomain.com/dashboard
mydomain.com/admin/*
mydomain.com/studio/*
mydomain.com/update

Am I missing anything? Is there a list somewhere I could refer to? Thanks!

commented

Should be possible, i asked ChatGPT and he gave me the following. (Both are not tested)
NGINX

server {
    listen 80;
    server_name your_domain.com;

    location / {
        # Allow access to everyone
        allow all;
        # Other configuration for the root location
        # ...
    }

    location /admin {
        # Allow access only from the specified IP range (192.168.1.0/24 in this case)
        allow 192.168.1.0/24;
        # Deny access to everyone else
        deny all;
        # Other configuration for the /admin location
        # ...
    }

    # Additional server configurations...
}

Apache2:

<VirtualHost *:80>
    ServerName your_domain.com

    DocumentRoot /var/www/html

    <Directory "/var/www/html">
        Require all granted
        # Other configuration for the root directory
        # ...
    </Directory>

    <Location "/admin">
        Order deny,allow
        Deny from all
        Allow from 192.168.1
        # Other configuration for the /admin location
        # ...
    </Location>

    # Additional virtual host configurations...
</VirtualHost>
commented

Thanks, I appreciate it - not what I'm looking for though. I'm trying to find a complete list of routes used by LinkStack, and these config files don't have that information.

commented

All the routes should be here. I did a quick look and it seems that every route is mentioned. BTW Every route begins with a / like /dashboard or /login

commented

That is correct, all routes are here: https://github.com/LinkStackOrg/LinkStack/tree/main/routes.
We don't have a complete list of routes.

I'd recommend blocking all routes other than:
mydomain.com

mydomain.com/going/* is not required anymore since the latest version.

I'm not sure if you need to unblock the assets routes to load.
mydomain.com/assets/*