devol/searx
1
0
Fork 0
mirror of https://github.com/searx/searx synced 2025-01-31 18:34:48 +01:00
Code Issues Releases Wiki Activity
searx/docs/admin
History
Alex Balgavy 6b59800dc6 Fix security vulnerabilities in suggested nginx configuration 
The suggested configurations for nginx found in the documentation and
templates lead to vulnerabilities allowing host spoofing [1] and path
traversal [2], as reported by Gixy [3]. This commit fixes those issues.

[1] https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md
[2] https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md
[3] https://github.com/yandex/gixy
2021-03-03 12:34:22 +01:00
..
engines
Add recoll engine (#2325)
2020-11-30 08:35:15 +01:00
api.rst
doc: proofread of the all reST sources (no content change)
2019-12-12 19:20:56 +01:00
arch_public.dot
[fix] migration from github.com/asciimoo/searx to github.com/searx/searx : fix URLs
2020-09-28 16:44:14 +02:00
architecture.rst
docs: proofreading of all the installation topics
2020-04-09 15:04:23 +02:00
buildhosts.rst
[mod] documentations & comments: update http://* URL to https://*.
2020-12-04 16:52:25 +01:00
engines.rst
[mod] documentation: change the jinja context doesn't depend on searx.webapp
2020-12-27 10:00:35 +01:00
filtron.rst
Fix security vulnerabilities in suggested nginx configuration
2021-03-03 12:34:22 +01:00
index.rst
docs: generic documentation from the installation scripts
2020-03-02 19:00:19 +01:00
installation-apache.rst
[doc] improve admin-docs about result proxy (morty) configuration
2021-01-27 09:58:06 +01:00
installation-docker.rst
[fix] migration from github.com/asciimoo/searx to github.com/searx/searx : fix URLs
2020-09-28 16:44:14 +02:00
installation-nginx.rst
Fix security vulnerabilities in suggested nginx configuration
2021-03-03 12:34:22 +01:00
installation-searx.rst
[mod] improve settings documentation
2021-01-11 22:12:38 +01:00
installation-uwsgi.rst
[fix] markup of auto generated installation instruction (uWSGI part)
2020-06-24 15:15:15 +02:00
installation.rst
[mod] move brand options from Makefile to settings.yml
2021-01-11 22:12:38 +01:00
morty.rst
[doc] improve admin-docs about result proxy (morty) configuration
2021-01-27 09:58:06 +01:00
plugins.rst
[mod] documentation: change the jinja context doesn't depend on searx.webapp
2020-12-27 10:00:35 +01:00
settings.rst
[mod] improve settings documentation
2021-01-11 22:12:38 +01:00
update-searx.rst
docs: generic documentation from the installation scripts
2020-03-02 19:00:19 +01:00