github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-20 13:24:25 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Allow whitelisting specific IP for /api/

Browse source
This commit is contained in:
dpeca 2020-01-07 23:43:14 +01:00 committed by GitHub
commit b40ebe07e2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

14
web/api/index.php
View file

@ -1,6 +1,18 @@
<?php <?php
define('VESTA_CMD', '/usr/bin/sudo /usr/local/vesta/bin/'); define('VESTA_CMD', '/usr/bin/sudo /usr/local/vesta/bin/');
exit;
$allowed_host=0;
$check_file="/usr/local/vesta/conf_web/allow_ip_for_api.conf";
if (file_exists($check_file)) {
$file_content=file($check_file);
if (is_array($file_content)) {
foreach ($file_content as $line) {
if (trim($line) == $_SERVER['REMOTE_ADDR']) {$allowed_host=1; break;}
}
}
}
if ($allowed_host == 0) exit;
if (isset($_POST['user']) || isset($_POST['hash'])) { if (isset($_POST['user']) || isset($_POST['hash'])) {
// Authentication // Authentication