bivashy/Blitz-Proxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Change Caddyfile to block requests if they don't start with ROOT_PATH

Browse Source
This commit is contained in:
Iam54r1n4
2025-02-05 21:52:12 +00:00
parent 492719eb3a
commit cd69795c5e
1 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
core/scripts/webpanel/webpanel_shell.sh
View File

@ -64,10 +64,23 @@ update_caddy_file() {
# Update the Caddyfile without the email directive # Update the Caddyfile without the email directive
cat <<EOL > "$config_file" cat <<EOL > "$config_file"
$DOMAIN:$PORT { $DOMAIN:$PORT {
# Define a route to handle all requests starting with ROOT_PATH('/$ROOT_PATH/')
route /$ROOT_PATH/* { route /$ROOT_PATH/* {
uri strip_prefix /$ROOT_PATH # We don't strip the ROOT_PATH('/$ROOT_PATH/') from the request
# uri strip_prefix /$ROOT_PATH
# We are proxying all requests under the ROOT_PATH to FastAPI at 127.0.0.1:8080
# FastAPI handles these requests because we set the 'root_path' parameter in the FastAPI instance.
reverse_proxy http://127.0.0.1:8080 reverse_proxy http://127.0.0.1:8080
} }
# Any request that doesn't start with the ROOT_PATH('/$ROOT_PATH/') will be blocked and no response will be sent to the client
@blocked {
not path /fd31b4edc70619d5d39edf3c2da97e2c/*
}
# Abort the request, effectively dropping the connection without a response for invalid paths
abort @blocked
} }
EOL EOL
} }