cqrenet/relay
3
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-05-10 16:04:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Limit the bind for the HTTPS server on 8443 to 127.0.0.1

Browse Source 
This server bind was overlooked
This commit is contained in:
Mark Felder
2025-03-24 12:12:43 -07:00
committed by holger krekel
parent e004a5e2f6
commit 8d34e036ec
2 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG.md
View File

@@ -2,6 +2,10 @@
## untagged
- Limit the bind for the HTTPS server on 8443 to 127.0.0.1
([#522](https://github.com/chatmail/server/pull/522))
([#532](https://github.com/chatmail/server/pull/532))
- Send SNI when connecting to outside servers
([#524](https://github.com/chatmail/server/pull/524))

5
cmdeploy/src/cmdeploy/nginx/nginx.conf.j2
View File

@@ -117,10 +117,7 @@ http {
# Redirect www. to non-www
server {
listen 8443 ssl;
{% if not disable_ipv6 %}
listen [::]:8443 ssl;
{% endif %}
listen 127.0.0.1:8443 ssl;
server_name www.{{ config.domain_name }};
return 301 $scheme://{{ config.domain_name }}$request_uri;
access_log syslog:server=unix:/dev/log,facility=local7;