Merge pull request #227 from linuxserver/rutorrent-rpc

rutorrent: block rpc by default, it's unprotected
2026-02-01 14:12:22 +08:00 · 2020-10-22 16:18:25 -05:00 · 2020-10-22 16:18:25 -05:00 · b50c7c8cc2
commit b50c7c8cc2
parent 8002c2df7a 9e9a2e503c
2 changed files with 30 additions and 0 deletions
--- a/rutorrent.subdomain.conf.sample
+++ b/rutorrent.subdomain.conf.sample
@ -38,6 +38,21 @@ server {
    }

    location /RPC2 {
+        # enable the next two lines for http auth
+        #auth_basic "Restricted";
+        #auth_basic_user_file /config/nginx/.htpasswd;
+
+        # enable the next two lines for ldap auth
+        #auth_request /auth;
+        #error_page 401 =200 /ldaplogin;
+
+        # enable for Authelia
+        #include /config/nginx/authelia-location.conf;
+
+        # block rpc access by default because it is unprotected
+        # you can comment out the next line to enable remote rpc calls
+        deny all;
+
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app rutorrent;
--- a/rutorrent.subfolder.conf.sample
+++ b/rutorrent.subfolder.conf.sample
@ -27,6 +27,21 @@ location ^~ /rutorrent/ {
 }

 location ^~ /rutorrent/RPC2 {
+    # enable the next two lines for http auth
+    #auth_basic "Restricted";
+    #auth_basic_user_file /config/nginx/.htpasswd;
+
+    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
+    #auth_request /auth;
+    #error_page 401 =200 /ldaplogin;
+
+    # enable for Authelia, also enable authelia-server.conf in the default site config
+    #include /config/nginx/authelia-location.conf;
+
+    # block rpc access by default because it is unprotected
+    # you can comment out the next line to enable remote rpc calls
+    deny all;
+
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app rutorrent;