Mercurial > prosody-modules
view mod_secure_interfaces/README.markdown @ 5298:12f7d8b901e0
mod_audit: Support for adding location (GeoIP) to audit events
This can be more privacy-friendly than logging full IP addresses, and also
more informative to a user - IP addresses don't mean much to the average
person, however if they see activity from outside their expected country, they
can immediately identify suspicious activity.
As with IPs, this field is configurable for deployments that would like to
disable it. Location is also not logged when the geoip library is not
available.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sat, 01 Apr 2023 13:11:53 +0100 |
| parents | 4d73a1a6ba68 |
| children |
line wrap: on
line source
--- labels: - 'Stage-Beta' summary: 'Mark some network interfaces (e.g. loopback/LAN) as always secure' ... Introduction ============ Sometimes you might run clients without encryption on the same machine or LAN as Prosody - and you want Prosody to treat them as secure (e.g. allowing plaintext authentication) even though they are not encrypted. This module allows you to tell Prosody which of the current server's interfaces (IP addresses) that you consider to be on secure networks. Configuration ============= Configuration is simple, just load the module like any other by adding it to your modules\_enabled list: modules_enabled = { ... "secure_interfaces"; ... } Then set the list of secure interfaces (just make sure it is set in the global section of your config file, and **not** under a VirtualHost or Component): secure_interfaces = { "127.0.0.1", "::1", "192.168.1.54" } Compatibility ============= ------- --------- 0.9 Works 0.8 Unknown trunk Works ------- ---------