filegator/configuration/security.html

<!DOCTYPE html>
<html lang="en">
    <head>
        <meta charset="utf-8">
        <meta name="viewport" content="width=device-width, initial-scale=1">

        <title>FileGator - Documentation</title>

        <link rel="stylesheet" href="https://docs.filegator.io/css/bootstrap.min.css">
        <link rel="stylesheet" href="https://docs.filegator.io/css/font-awesome.min.css">
        <link rel="stylesheet" href="https://docs.filegator.io/css/highlight.tomorrow-night.css">
        <link rel="stylesheet" href="https://docs.filegator.io/css/main.css">
    </head>
    <body>

        <header class="navbar navbar-default navbar-fixed-top">

            <a class="navbar-brand" href="https://docs.filegator.io/">
                FileGator
                <small class="hidden-xs hidden-sm">
                    Documentation
                </small>
            </a>

        </header>

        <main class="container-fluid">
            <div class="row">

                
                    <nav id="sidebar" class="col-sm-3 col-lg-2" role="navigation">

                                                    <p class="text-muted">
                                Getting Started
                            </p>

                            <ul class="nav nav-pills nav-stacked">
                                                                    <li class="">
                                        <a href="https://docs.filegator.io/index.html">
                                            What is FileGator
                                        </a>
                                    </li>
                                                                    <li class="">
                                        <a href="https://docs.filegator.io/install.html">
                                            Installation
                                        </a>
                                    </li>
                                                                    <li class="">
                                        <a href="https://docs.filegator.io/accounts.html">
                                            Users
                                        </a>
                                    </li>
                                                                    <li class="">
                                        <a href="https://docs.filegator.io/development.html">
                                            Development
                                        </a>
                                    </li>
                                                            </ul>
                                                    <p class="text-muted">
                                Configuration
                            </p>

                            <ul class="nav nav-pills nav-stacked">
                                                                    <li class="">
                                        <a href="https://docs.filegator.io/configuration/basic.html">
                                            Basic
                                        </a>
                                    </li>
                                                                    <li class="">
                                        <a href="https://docs.filegator.io/configuration/auth.html">
                                            Auth
                                        </a>
                                    </li>
                                                                    <li class="">
                                        <a href="https://docs.filegator.io/configuration/session.html">
                                            Session
                                        </a>
                                    </li>
                                                                    <li class="">
                                        <a href="https://docs.filegator.io/configuration/storage.html">
                                            Storage
                                        </a>
                                    </li>
                                                                    <li class="">
                                        <a href="https://docs.filegator.io/configuration/logging.html">
                                            Logging
                                        </a>
                                    </li>
                                                                    <li class="active">
                                        <a href="https://docs.filegator.io/configuration/security.html">
                                            Security
                                        </a>
                                    </li>
                                                                    <li class="">
                                        <a href="https://docs.filegator.io/configuration/router.html">
                                            Router
                                        </a>
                                    </li>
                                                                    <li class="">
                                        <a href="https://docs.filegator.io/configuration/tmpfs.html">
                                            Tmpfs
                                        </a>
                                    </li>
                                                            </ul>
                                                    <p class="text-muted">
                                Languages
                            </p>

                            <ul class="nav nav-pills nav-stacked">
                                                                    <li class="">
                                        <a href="https://docs.filegator.io/translations/default.html">
                                            Translations
                                        </a>
                                    </li>
                                                            </ul>
                        
                    </nav>

                
                <section class="col-sm-offset-3 col-lg-offset-2 col-sm-9 col-lg-10">
                    <h2 id="configuring-security-service">Configuring Security service</h2>
<p>Simple security service is included in the script by default. This service provides:</p>
<ul>
<li>Basic session-based <a href="https://en.wikipedia.org/wiki/Cross-site_request_forgery">CSRF</a> protection</li>
<li>IP allow list</li>
<li>IP deny list</li>
</ul>
<pre><code>        'Filegator\Services\Security\Security' =&gt; [
            'handler' =&gt; '\Filegator\Services\Security\Security',
            'config' =&gt; [
                'csrf_protection' =&gt; true,
                'csrf_key' =&gt; "123456", // randomize this
                'ip_allowlist' =&gt; [],
                'ip_denylist' =&gt; [
                    '172.16.1.2',
                    '172.16.3.4',
                ],
            ],
        ],</code></pre>
<p>If you set <code>ip_allowlist</code> then only users coming from listed IP addresses will be able to use the script.</p>
                </section>

            </div>
        </main>

        <script src="//code.jquery.com/jquery-1.11.0.min.js"></script>
        <script src="//netdna.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js"></script>
        <script src="//yandex.st/highlightjs/7.5/highlight.min.js"></script>

        <script>
            $(function() {
                $("section>h1").wrap('<div class="page-header" />');
                // Syntax highlighting
                hljs.initHighlightingOnLoad();
            });
        </script>

<!-- Ticksel analytics v1.0 -->
<script type="text/javascript">
  var _tcfg = _tcfg || [];
  (function() {
    _tcfg.push(["tags", "filegator-io,filegator-io-docs"]);
    var u="https://a.interactive32.com/js/safetick.js"; _tcfg.push(["account_id", 8348834]);
    var d=document, g=d.createElement("script"), s=d.getElementsByTagName("script")[0];
    g.type="text/javascript"; g.async=true; g.src=u; g.setAttribute("crossorigin", "anonymous");
    s.parentNode.insertBefore(g,s);
  })();
</script>
<noscript><img src="https://a.interactive32.com/beam?account_id=8348834&referrer=&tags=filegator-io,filegator-io-docs" style="border:0;" width="0" height="0" alt="" /></noscript>
<!-- End Ticksel Code -->

    </body>
</html>