1
0
mirror of https://github.com/searxng/searxng.git synced 2024-11-05 04:40:11 +01:00
searxng/docs
Alex Balgavy 6b59800dc6 Fix security vulnerabilities in suggested nginx configuration
The suggested configurations for nginx found in the documentation and
templates lead to vulnerabilities allowing host spoofing [1] and path
traversal [2], as reported by Gixy [3]. This commit fixes those issues.

[1] https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md
[2] https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md
[3] https://github.com/yandex/gixy
2021-03-03 12:34:22 +01:00
..
_themes/searx Revert "[fix] sphinx 3.1 CSS issues" 2020-12-27 11:27:42 +01:00
admin Fix security vulnerabilities in suggested nginx configuration 2021-03-03 12:34:22 +01:00
blog [mod] move brand options from Makefile to settings.yml 2021-01-11 22:12:38 +01:00
build-templates [fix] setup.py requires pyyaml installed 2021-01-16 08:58:13 +01:00
dev [fix] duckduckgo engine: "!ddg !g" do not redirect to google 2021-02-12 11:10:08 +01:00
static/img [enh] initial structure 2015-11-17 23:38:22 +01:00
user [fix] make books/user.pdf 2021-02-02 20:14:07 +01:00
utils [mod] move brand options from Makefile to settings.yml 2021-01-11 22:12:38 +01:00
conf.py [mod] move brand options from Makefile to settings.yml 2021-01-11 22:12:38 +01:00
index.rst Merge branch 'master' of https://github.com/asciimoo/searx into filtron 2020-02-23 13:50:22 +01:00