mirror of
https://github.com/langgenius/dify.git
synced 2026-04-07 00:46:50 +08:00
23c97ec7f7
- Block all private/internal networks by default to prevent SSRF attacks - Restrict allowed ports to only HTTP (80) and HTTPS (443) - Remove default domain allowlists (e.g., marketplace.dify.ai) - Implement deny-all-by-default policy with explicit whitelisting - Add example configuration files for common customization scenarios - Provide comprehensive documentation for security configuration Fixes #24392
75 lines
3.2 KiB
Plaintext
75 lines
3.2 KiB
Plaintext
################################## SSRF Protection Configuration ##################################
|
|
# This is a strict default configuration to prevent SSRF attacks
|
|
# To allow additional domains or relax restrictions, create config files in /etc/squid/conf.d/
|
|
|
|
################################## Security ACLs ##################################
|
|
# Define private/local networks that should be BLOCKED by default
|
|
acl private_networks dst 0.0.0.0/8 # "This" network
|
|
acl private_networks dst 10.0.0.0/8 # RFC 1918 private network
|
|
acl private_networks dst 100.64.0.0/10 # RFC 6598 shared address space
|
|
acl private_networks dst 127.0.0.0/8 # Loopback
|
|
acl private_networks dst 169.254.0.0/16 # RFC 3927 link-local
|
|
acl private_networks dst 172.16.0.0/12 # RFC 1918 private network
|
|
acl private_networks dst 192.168.0.0/16 # RFC 1918 private network
|
|
acl private_networks dst 224.0.0.0/4 # Multicast
|
|
acl private_networks dst 240.0.0.0/4 # Reserved for future use
|
|
acl private_networks dst 255.255.255.255/32 # Broadcast
|
|
acl private_networks dst fc00::/7 # IPv6 unique local addresses
|
|
acl private_networks dst fe80::/10 # IPv6 link-local addresses
|
|
acl private_networks dst ::1/128 # IPv6 loopback
|
|
acl private_networks dst ff00::/8 # IPv6 multicast
|
|
|
|
# Define ports
|
|
acl SSL_ports port 443
|
|
acl Safe_ports port 80 # http
|
|
acl Safe_ports port 443 # https
|
|
acl CONNECT method CONNECT
|
|
|
|
################################## Strict Default Rules ##################################
|
|
# DENY access to all private/local networks - prevents SSRF attacks
|
|
http_access deny private_networks
|
|
|
|
# DENY non-safe ports
|
|
http_access deny !Safe_ports
|
|
|
|
# DENY CONNECT to non-SSL ports
|
|
http_access deny CONNECT !SSL_ports
|
|
|
|
# Allow manager access from localhost only
|
|
http_access allow localhost manager
|
|
http_access deny manager
|
|
|
|
# DENY all requests by default
|
|
# User overrides in /etc/squid/conf.d/*.conf should be placed here
|
|
include /etc/squid/conf.d/*.conf
|
|
|
|
# Final deny all
|
|
http_access deny all
|
|
|
|
################################## Proxy Server Configuration ##################################
|
|
http_port ${HTTP_PORT}
|
|
coredump_dir ${COREDUMP_DIR}
|
|
|
|
# Refresh patterns
|
|
refresh_pattern ^ftp: 1440 20% 10080
|
|
refresh_pattern ^gopher: 1440 0% 1440
|
|
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
|
|
refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
|
|
refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims
|
|
refresh_pattern \/InRelease$ 0 0% 0 refresh-ims
|
|
refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
|
|
refresh_pattern . 0 20% 4320
|
|
|
|
# Upstream proxy configuration (uncomment and configure if needed)
|
|
# cache_peer <upstream_proxy_ip> parent 3128 0 no-query no-digest no-netdb-exchange default
|
|
|
|
################################## Reverse Proxy To Sandbox ##################################
|
|
http_port ${REVERSE_PROXY_PORT} accel vhost
|
|
cache_peer ${SANDBOX_HOST} parent ${SANDBOX_PORT} 0 no-query originserver
|
|
|
|
# Allow reverse proxy access from all sources (for sandbox connectivity)
|
|
acl reverse_proxy_port myport ${REVERSE_PROXY_PORT}
|
|
http_access allow reverse_proxy_port
|
|
|
|
# Buffer size for file uploads
|
|
client_request_buffer_max_size 100 MB |