Remote Access Control - Githubissues

ProxymanApp / Proxyman

Modern. Native. Delightful Web Debugging Proxy for macOS, iOS, and Android ⚡️

https://proxyman.io

5.48k stars 179 forks source link

Remote Access Control #1497

Open NghiaTranUIT opened 1 year ago

NghiaTranUIT commented 1 year ago

Description

We should implement this security feature for Proxyman.

Screenshot 2023-01-13 at 18 30 03

For the context:

A security team, which is from one of Proxyman's customers, is concerned that the attackers can use apps IP Scanner app to scan all opened IPs/Ports. Thus, they can remotely connect to Proxyman and goes to the trusted network.
Charles Proxy prompts the alert show the user can allow/disallow this device to connect to Charles Proxy app.

Why this feature/change is important?

Enhance the security of the app.
Serve better for the enterprise environment.

NghiaTranUIT commented 1 year ago

Done: https://proxyman.s3.us-east-2.amazonaws.com/beta/Proxyman_4.0.0_Support_Access_Control_Feature.dmg

Feature

Access Control via Tool Menu -> Proxy Setting
3 modes:
1. Allow all (default): Remote connection are able to connect to Proxyman as usual
2. Disallow all: Remote connections are unable to connect to Proxyman.
3. Specific IP: Decide which device can be connected. Prompt if needed 👍

Screenshot

Proxyman Access Control

Proxyman Access Control