Updated Hardening Guide (markdown)

AyubM 2023-01-10 00:35:54 -05:00
parent bdb6026ba5
commit a7cde75df6

@ -83,8 +83,23 @@ For general discussion about subpath hosting for security refer to: https://gith
If you make this change, you may also have to change the reverse proxy to add this path to /notifications/hub. For example, in Caddy v2:
```Caddyfile
vaultwarden.example.com {
mysubdomain.example.com {
reverse_proxy /my-custom-path/notifications/hub 10.0.0.150:3012
reverse_proxy 10.0.0.150:8083
}
```
```
Or if you'd like to make Caddy drop all connections besides for vaultwarden
```Caddyfile
mysubdomain.example.com {
route {
reverse_proxy /my-custom-path/notifications/hub 10.0.0.150:3012
reverse_proxy /my-custom-path/* 10.0.0.150:8083 {
header_up X-Real-IP {remote_host}
}
handle /* {
abort
}
}
}
```