Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.

Cloudron Forum

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

M

Wireguard VPN
Watching Ignoring Scheduled Pinned Locked Moved Solved App Wishlist wireguard vpn cloudron security
108

73 Votes

108 Posts

56k Views

G

This is finally packaged.
A

Wordpress: restrict access by IP (wp-admin and wp-login.php)
Watching Ignoring Scheduled Pinned Locked Moved WordPress (Managed) wordpress cloudron htaccess security nginx
3

0 Votes

3 Posts

14k Views

N

@ahkg the reason for whitelisting 172.18.0.1 give access to all requests, is that this is the ip of the Cloudron internal gateway into the subnet where all apps are running. Unfortunately for your case the cloudron healtcheck also comes via this gateway. I think your htaccess file needs to check for the X-Forwarded-For header to check against the correct inbound address.
S

Improve security and ciphers
Watching Ignoring Scheduled Pinned Locked Moved Solved Support security
8

2 Votes

8 Posts

3k Views

N

I have updated the ciphers now according to mozilla's config generator. The commit is https://git.cloudron.io/cloudron/box/commit/ddaa52163bf3844b36d6c29fdffb5db3e0b3f5d0 For the CSP settings, this indeed cannot properly be done on a platform level, as apps require differently strict settings there and have to provide this on their own, so this should ideally be fixed in each app upstream.

Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.

Cloudron Forum

Wireguard VPN

Wordpress: restrict access by IP (wp-admin and wp-login.php)

Improve security and ciphers