Open zpriddy opened 8 years ago
@zpriddy Hey, nice idea. Are you able to implement a way of making this optional, maybe through the config files?
It should be simple enough to do.. Im not really a js coder but it is something that I can look into.
So.. In thinking about this.. I think it would be good to have https on all connections...
The only concern that I have is that c9 is using ports 3000-5000 right? This would mean that we would need 2000 ports on nginx config - that might be overwhelming..
Is there any chance that we can limit it to 100 ports? and then start recycling those ports? I was trying to do that but failed to do so. I saw in the history that @Harjot1Singh fixed a bug to allow all those ports.. Is there any good reason why we cant un do that? Any downside to that?
@zpriddy Sorry for coming back to it now. I'm not sure what you mean, cloud9hub originally used those 2000 ports, before I changed anything. The range can easily be changed though.
I added a layer of HTTP using letsencrypt and nginx. It now requires basic auth when accessing the c9 IDE. I did not like how everything was open to the internet without even https with c9 - more so with no password if the IDE was running considering it has access to a shell. There is more that can be done - maybe using oauth2_proxy in the future. This is just a quick security improvement. @Harjot1Singh @AVGP Feel free to contact me if you have any questions about these changes or would like to start working together - me@zpriddy.com