Add note about installing ownCloud in a DMZ

Lukas Reschke
2015-08-22 12:54:43 +02:00
parent c00249e398
commit f8fe4dfeae


@@ -146,6 +146,18 @@ Administrators are encouraged to install ownCloud on a dedicated domain such as
cloud.domain.tld instead of domain.tld to gain all the benefits offered by the
Same-Origin-Policy.
Ensure that your ownCloud instance is installed in a DMZ
--------------------------------------------------------
As ownCloud supports features such as Federated File Sharing we do not consider
Server Side Request Forgery (SSRF) part of our threat model. In fact, given all our
external storage adapters this can be considered a feature and not a vulnerability.
This means that an user on your ownCloud instance could probe whether other hosts
are accessible from the ownCloud network. If you do not want this you need to
ensure that your ownCloud is properly installed in a seggregated network and proper
firewall rules are in place.
Serve security related Headers by the web server
------------------------------------------------
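Review bot: The added DMZ paragraph ends on "proper firewall rules are in place" without saying what those rules should do, so an administrator gets no actionable guidance. Since the paragraph itself states that a user "could probe whether other hosts are accessible from the ownCloud network", spell out that the rules need to limit which hosts the ownCloud server can open connections to, and that Federated File Sharing and the external storage adapters are the features that trigger those requests. Two wording fixes in the same paragraph: "an user" should be "a user" and "seggregated" should be "segregated". The heading "Ensure that your ownCloud instance is installed in a DMZ" would also fit the content better if it mentioned SSRF, because the section is really a statement that SSRF is outside the threat model and readers searching for that term will not find it from the title.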