Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to secure the self-hosted installation? #530

Closed
arladmin opened this issue May 9, 2024 · 1 comment
Closed

How to secure the self-hosted installation? #530

arladmin opened this issue May 9, 2024 · 1 comment

Comments

@arladmin
Copy link

arladmin commented May 9, 2024
edited

Don't know why, but i'm unable to find any information on how to properly secure my iframely self-hosted installation.

Namely:

  1. How to allow certain domains to be able to call the APIs (/iframely, /oembed, /debug) ?
  2. Where to configure the api_key parameter?
@iparamonau
Copy link
Member

iparamonau commented May 16, 2024
edited

The code in this repository assumes that you will put it behind a reverse proxy such as NGINX. This way, securing of the endpoints is out of our scope as you can do it in your reverse proxy.

api_key parameter is a feature of the Iframely cloud, you don't need it for self-hosting.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@iparamonau @arladmin