Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nextcloud/nextcloud.com.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/config.php.sample
diff options
context:
space:
mode:
authorLukas Reschke <lukas@statuscode.ch>2021-05-28 11:13:28 +0300
committerGitHub <noreply@github.com>2021-05-28 11:13:28 +0300
commitfd5fa561389b1e72ddc966e6f575ddfb46072c67 (patch)
tree7023ee8f11382ac4ff72d312f7b1bcb77b719c0a /config.php.sample
parent32f5772c9fdd641ba68112dbf29074fe05758c43 (diff)
Fix several security concerns (#1471)
* Use REMOTE_ADDR field The other ones are not used at all. This would allow someone to spoof the configured IP address and bypass any rate limit. Signed-off-by: Lukas Reschke <lukas@statuscode.ch> * Add basic ratelimiting class Signed-off-by: Lukas Reschke <lukas@statuscode.ch> * Remove Mautic submission form Signed-off-by: Lukas Reschke <lukas@statuscode.ch> * Replace captcha with ratelimiter Signed-off-by: Lukas Reschke <lukas@statuscode.ch> * Space + tabs Signed-off-by: Lukas Reschke <lukas@statuscode.ch> * Dont check if no REDIS is defined in config Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Diffstat (limited to 'config.php.sample')
-rw-r--r--config.php.sample7
1 files changed, 0 insertions, 7 deletions
diff --git a/config.php.sample b/config.php.sample
index c634cce5..14b7336a 100644
--- a/config.php.sample
+++ b/config.php.sample
@@ -8,13 +8,6 @@ define('OFFICIALAUTHORID', 1);
// Enables or disables the piwik tracking code
define('PIWIKTRACKING', 0);
-// Recaptcha
-DEFINE('RECAPTCHA_SITEKEY', '');
-DEFINE('RECAPTCHA_SECRET', '');
-define('MAUTIC_URL', 'https://mautic.nextcloud.com');
-define('MAUTIC_USERNAME', 'username');
-define('MAUTIC_PASSWORD', 'password');
-
// Providers
define('PROVIDERS_FILE', ABSPATH . 'preferred.json');
define('REDIS', 'tcp://127.0.0.1:6379');
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-03 14:36:33 +0300