diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 12:08:03 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 12:08:18 +0000 |
commit | 5da14042f70711ea5cf66e034699730335462f66 (patch) | |
tree | 0f6354ccac934ed87a2d555f45be4c831cf92f4a /src/fluent-bit/lib/monkey/plugins/mandril/conf/mandril.conf | |
parent | Releasing debian version 1.44.3-2. (diff) | |
download | netdata-5da14042f70711ea5cf66e034699730335462f66.tar.xz netdata-5da14042f70711ea5cf66e034699730335462f66.zip |
Merging upstream version 1.45.3+dfsg.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/fluent-bit/lib/monkey/plugins/mandril/conf/mandril.conf')
-rw-r--r-- | src/fluent-bit/lib/monkey/plugins/mandril/conf/mandril.conf | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/src/fluent-bit/lib/monkey/plugins/mandril/conf/mandril.conf b/src/fluent-bit/lib/monkey/plugins/mandril/conf/mandril.conf new file mode 100644 index 000000000..efeaf5d9a --- /dev/null +++ b/src/fluent-bit/lib/monkey/plugins/mandril/conf/mandril.conf @@ -0,0 +1,57 @@ +# Monkey HTTP Daemon - Mandril +# ============================ +# Mandril Plugin provide security rules to be applied to the incomming +# connections. If the client is rejected by some rule, it will get the +# 403 Forbidden error status. +# +# It supports two restriction modes, by request URI and by IP (or network +# range), make sure all your rules are defined under the section [RULES]: +# +# a) Restriction by request URI: +# +# You can define multiple keywords to restrict a specific incoming +# request which hold that string. Check this example: +# +# [RULES] +# URL documents +# URL pictures +# URL /private +# +# b) Restriction by IP or network range: +# +# Multiple rules can be defined to deny the access to specific incoming +# clients: +# +# [RULES] +# IP 10.20.1.1/24 +# IP 192.168.3.150 +# +# In the first rule we are blocking a range of IPs from 10.20.1.1 to +# 10.20.1.255. In the second example just one specific IP address. +# +# It also supports denying hotlinking from other domains. +# +# c) +# +# [RULES] +# deny_hotlink /imgs +# +# This rule will prevent access to all files under /imgs if the +# request's Referer header is not from the same domain or its +# subdomains. +# If the Referer header is missing, the request will be accepted. +# +# You can mix the rules type under the [RULE] section, so the following example +# is totally valid: +# +# [RULES] +# URL documents +# URL pictures +# URL /private +# IP 10.20.1.1/24 +# IP 192.168.3.150 +# + +[RULES] + # IP 127.0.0.1 + # URL /imgs |