opensource/dify
2
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-05-05 17:18:40 +08:00
Code Issues Packages Projects Releases Wiki Activity
1a49febc02
dify/docker/ssrf_proxy/conf.d.example/10-allow-marketplace.conf.example
-LAN- 23c97ec7f7
chore: strengthen SSRF proxy default configuration 
- Block all private/internal networks by default to prevent SSRF attacks
- Restrict allowed ports to only HTTP (80) and HTTPS (443)
- Remove default domain allowlists (e.g., marketplace.dify.ai)
- Implement deny-all-by-default policy with explicit whitelisting
- Add example configuration files for common customization scenarios
- Provide comprehensive documentation for security configuration

Fixes #24392
2025-09-01 13:45:07 +08:00

5 lines
211 B
Plaintext
Raw Blame History

# Example: Allow access to Dify marketplace
# Copy this file to /etc/squid/conf.d/10-allow-marketplace.conf to enable
acl allowed_marketplace dstdomain .marketplace.dify.ai
http_access allow allowed_marketplace
Reference in New Issue View Git Blame Copy Permalink