Closed ne20002 closed 2 years ago
/index.php/apps/uppush
must be accessible by your client./_matrix/push/v1/notify
must be accessible by your matrix client and your matrix server./index.php/apps/uppush/push
must be accessible by other servers (mastodon server for instance) if you need it.Hmm, having my Friendica, Synapse and Nextcloud running in my dmz and having all my clients within my network... I can limit access to all three path to my network only, not accessible from outside/Internet. Thank you
You're welcome :)
Hi
I wonder how I should/can secure the paths used for NextPush.
For my Matrix Synapse server I have two locations defined in the reverse proxy: /_matrix allowed for all /_matrix/client only allowed from within my network.
I can do this as all my Element clients are inside my network. The /_matrix/client path does not need to be accessible from outside.
For NextPush I wonder if I can do similar.
For Matrix the path /_matrix/push/v1/notify, is this needed from outside? Who is using this endpoint? The clients? Other matrix server?
Also, for Nextpush: /index.php/apps/uppush
I assume this is only used by the clients and also called from e.g. the Matrix server as forwarded in the reverse proxy. So it does not need to be accessible fromoutside if all my clients are inside my network?