devol
/
searx
mirror of https://github.com/searx/searx
1
0
Fork 0
Code Issues Releases Wiki Activity
searx/docs/admin
History
Alex Balgavy 6b59800dc6 Fix security vulnerabilities in suggested nginx configuration 
The suggested configurations for nginx found in the documentation and
templates lead to vulnerabilities allowing host spoofing [1] and path
traversal [2], as reported by Gixy [3]. This commit fixes those issues.

[1] https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md
[2] https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md
[3] https://github.com/yandex/gixy
 		2021-03-03 12:34:22 +01:00
..
engines
api.rst
arch_public.dot
architecture.rst
buildhosts.rst
engines.rst
filtron.rst Fix security vulnerabilities in suggested nginx configuration 2021-03-03 12:34:22 +01:00
index.rst
installation-apache.rst
installation-docker.rst
installation-nginx.rst Fix security vulnerabilities in suggested nginx configuration 2021-03-03 12:34:22 +01:00
installation-searx.rst
installation-uwsgi.rst
installation.rst
morty.rst
plugins.rst
settings.rst
update-searx.rst