Mirimir wrote: > On 02/06/2015 08:49 AM, [email protected] wrote: >> Documentation really should warn about this, IMHO: >> https://www.torproject.org/docs/tor-hidden-service.html >> and possibly a one line warning in the example torrc since >> "HiddenServicePort 80 127.0.0.1:80" typically is a problem. > > Yes.
How can I make that happen? Here's a draft for the last bullet points (English is not my native language): * Make sure you don't grant access to special URLs based on source IP address, since all connection will come from localhost or wherever you install tor on your LAN. For example, on apache, you should disable mod_status and all modules/sites/conf with "Require local" directive. In example torrc, we could add: ## Be aware source IP filtering will not be available: ## see https://www.torproject.org/docs/tor-hidden-service.html before #HiddenServiceDir /var/lib/tor/hidden_service/ #HiddenServicePort 80 127.0.0.1:80 -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
