devol
/
searx
mirror of https://github.com/searx/searx
1
0
Fork 0
Code Issues Releases Wiki Activity
searx/utils/templates/etc
History
Alex Balgavy 6b59800dc6 Fix security vulnerabilities in suggested nginx configuration 
The suggested configurations for nginx found in the documentation and
templates lead to vulnerabilities allowing host spoofing [1] and path
traversal [2], as reported by Gixy [3]. This commit fixes those issues.

[1] https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md
[2] https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md
[3] https://github.com/yandex/gixy
 		2021-03-03 12:34:22 +01:00
..
filtron [fix] indentation of filtron's rules (json) 2020-06-18 18:31:46 +02:00
httpd/sites-available Changes from the installation tests on (all) LXC containers. 2020-04-08 18:38:36 +02:00
nginx/default.apps-available Fix security vulnerabilities in suggested nginx configuration 2021-03-03 12:34:22 +01:00
searx [doc] recommend to use 'use_default_settings=True' 2020-12-08 20:19:10 +01:00
uwsgi [enh] add searx.shared 2021-01-12 11:47:17 +01:00
apache2 apache: normalize installation (docs and script)s over all distros 2020-04-07 18:31:51 +02:00