Closed simplysoft closed 2 years ago
Hi,
Thanks for the heads up. This is something that flew under our radar and we'll deal with it.
So my current idea is to just allow there all ipv4 and ipv6 private IP ranges. Any thoughts there?
Makes sense, further restricting it to the exact range that is in use will be more challenging for ipv6. An other option could be to make it configurable and offload that complexity to the user
When dappnode is accessible via both legacy ip (ipv4) and ip (ipv6), nginx returns forbidden error when accessed
The nginx.conf only enables local legacy ip subnet resulting in forbidden due to deny all
https://github.com/dappnode/DNP_HTTPS/blob/master/fs_overlay/var/lib/nginx-conf/nginx.conf.erb#L120