AkkomaGang/akkoma
AkkomaGang/akkoma
15
64
Fork 91
Code Issues 175 Pull requests 19 Projects 2 Releases 14 Packages Wiki Activity

Update Caddyfile #809

Merged
floatingghost merged 2 commits from norm/akkoma:caddyfile-update into develop 2024-06-23 02:20:24 +00:00
Conversation 2 Commits 2 Files changed 1 +13 -17
norm commented 2024-06-18 03:17:34 +00:00
Contributor
Copy link
  • Uncomment media subdomain settings
  • Disable gzip compression
- Uncomment media subdomain settings - Disable gzip compression
norm added 2 commits 2024-06-18 03:17:34 +00:00 
Now that a media subdomain is strongly recommended for security reasons,
there is no reason for them to be commented out by default.
Disable gzip compression in Caddyfile
Some checks are pending
ci/woodpecker/pr/build-amd64 Pipeline is pending
Details
ci/woodpecker/pr/build-arm64 Pipeline is pending
Details
ci/woodpecker/pr/docs Pipeline is pending
Details
ci/woodpecker/pr/lint Pipeline is pending
Details
ci/woodpecker/pr/test Pipeline is pending
Details
51f09531c4 
Currently Akkoma doesn't have any proper mitigations against BREACH,
which exploits the use of HTTP compression to exfiltrate sensitive data.
(see: #721 (comment))

To err on the side of caution, disable gzip compression for now until we
can confirm that there's some sort of mitigation in place (whether that
would be Heal-The-Breach on the Caddy side or any Akkoma-side
mitigations).
floatingghost commented 2024-06-23 02:19:58 +00:00
Owner
Copy link

out of interest, why would we want to disable gzip compression?

out of interest, why would we want to disable gzip compression?
floatingghost commented 2024-06-23 02:20:18 +00:00
Owner
Copy link

oh i see, it's in the commit msg
all good then

oh i see, it's in the commit msg all good then
floatingghost merged commit 5fdb5d69d2 into develop 2024-06-23 02:20:24 +00:00
floatingghost deleted branch caddyfile-update 2024-06-23 02:20:25 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
approved, awaiting change

   
bug

Something is not working

  
configuration

This requires config changes

  
documentation

This is about human-readable docs

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
extremely low priority

   
feature request

Something new?

  
Fix it yourself

Support has been attempted

  
help wanted

Need some help

  
invalid

Something is wrong

  
mastodon_api

   
needs docs

   
needs tests

   
not a bug

   
planned

   
pleroma_api

   
privacy

   
question

More information is needed

  
static_fe

   
triage

   
wontfix

This won't be fixed

No labels
approved, awaiting change
bug
configuration
documentation
duplicate
enhancement
extremely low priority
feature request
Fix it yourself
help wanted
invalid
mastodon_api
needs docs
needs tests
not a bug
planned
pleroma_api
privacy
question
static_fe
triage
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: AkkomaGang/akkoma#809
No description provided.
Delete branch "norm/akkoma:caddyfile-update"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?