rejetto forum

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - sergio

Pages: 1 2 3
1
HFS ~ HTTP File Server / Re: Warning: HFS v2.x has a severe vulnerability
« on: October 09, 2024, 05:46:19 PM »
Thank you very much for the clarification. I hope it can be resolved soon.

2
HFS ~ HTTP File Server / Re: Warning: HFS v2.x has a severe vulnerability
« on: October 08, 2024, 01:51:27 PM »
Hi.

I don't know anything about security, nor about the C language.
But if hfs is under cloudflare, does the vulnerability continue?

3
HFS ~ HTTP File Server / Re: Hide TIMESTAMP column
« on: February 14, 2022, 04:36:51 PM »
how ?

4
HFS ~ HTTP File Server / Hide TIMESTAMP column
« on: February 13, 2022, 11:26:21 PM »
Hi,

Any way to hide the timestamp column?

I can't find a way to do it anywhere

5
HFS ~ HTTP File Server / Re: Ban IP using cloudflare
« on: February 11, 2022, 01:28:21 AM »
Quote
Your best option is to allow not * but just the IPs of cloudflare.
You can learn how to enter a filter different than * with this guide: https://www.rejetto.com/wiki/index.php/HFS:_IP_masks

the bad thing is that cloudflare uses many ip.

in the browser and by cmd are always two.
But in HFS it identifies several totally different

enter hfs various ranges, sometimes it works, and sometimes it doesn't, as other different ranges reappear.

forwarded-mask=* This configuration is the one that has worked best, except when they enter through the tor network, here it returns again to register the cloudflare IPs.

The issue is now clear.

Thank you very much for your great collaboration.

6
HFS ~ HTTP File Server / Re: Ban IP using cloudflare
« on: February 09, 2022, 07:17:48 PM »
Quote
Method 2) there's a scripting command to modify configuration via scripting. So as you can go Menu > Debug > Run script
and there run this small script
{.set ini|forwarded-mask=*.}

The script does not do what it is supposed to do.  What will be the reason?


Quote
Method 1) you'll edit the hfs.ini with notepad. Be sure first to quit HFS first.

This one works fine.

Quote
so, HFS already supports reverse-proxy but by default it's limited to localhost for security reasons.

the part is not clear to me: "limited to localhost for security reasons"

you mean you can only login from localhost, and do not enter externally ?


7
HFS ~ HTTP File Server / Re: Ban IP using cloudflare
« on: February 09, 2022, 03:25:23 PM »
ciao Sergio,
ot may help to know what you did to configure HFS for cloudflare.
I've never used cloudflare myself, so i hope someone could help you.

I have a .com domain.
in the control panel of my domain, I configure the cloudflare NS.
in cloudflare configure 2 records of type A that point to my Public IP.
This way I hide my public IP.

Whoever enters my hfs through the url of my domain, will never know my true public IP, since it will show them the cloudflare IPs.
in this way it was left behind a proxy.


In my local apache server I had the same problem, and the solution is to enable the remoteip module, and add a line in the httpd.conf file that is this:
 RemoteIPHeader X-Forwarded-For.


But in HFS I don't know what configuration to do to solve the problem.

8
HFS ~ HTTP File Server / Ban IP using cloudflare
« on: February 09, 2022, 12:29:07 AM »
Hi,

I have my HFS running on my local network under cloudflare.

But the problem occurs when I decide to ban an IP. Since it does not do the IP ban. This is due to HFS being configured with cloudflare

What configuration must be done in HFS so that it allows me to do IP banning?

Thanks.

PD. If HFS is not configured with cloudflare, IP ban works fine.


9
HTML & templates / Re: Simple contact template
« on: March 25, 2019, 02:42:09 PM »
Thanks LeoNeeson.

10
HTML & templates / Re: Simple contact template
« on: March 24, 2019, 05:30:01 PM »
What is the final file?

11
I just verified that activating in hfs  "Requests dump" register IP Cloudflare and visitor correctly. without the need to add the previous code.
I had not noticed that option.

problem solved.

Thanks Mars for your great help.

12
if I enter http://myhfs.com

register the 2 ip correctly

15:01:38 127.0.0.1:2243 request
>    Cloudflare IP       : 127.0.0.1
>    CF-Connecting-IP :   correctly
>    X-Forwarded-For  :   correctly


if enter link direct http://myhfs.com/file.zip

only register IP Cloudflare.
it no longer appears:

15:01:38 127.0.0.1:2243 request
>    Cloudflare IP       : 127.0.0.1
>    CF-Connecting-IP :   correctly
>    X-Forwarded-For  :   correctly

13
Thanks Mars.

I enter the code at the beginning of the head tag
Is it the right place?

works well. But when it is entered by direct link, it does not work.
example, mihfs.com/file.zip
How is this resolved?

Code: [Select]
<head>
{.add to log| request
   Cloudflare IP       : %ip%
   CF-Connecting-IP : {.header|CF-Connecting-IP.}
   X-Forwarded-For  : {.header|X-Forwarded-For.}
.}
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>{.!HFS.} %folder%</title>
<link rel="stylesheet" href="/?mode=section&id=style.css" type="text/css">
    <script type="text/javascript" src="/?mode=jquery"></script>
<link rel="shortcut icon" href="/favicon.ico">
<style class='trash-me'>
.onlyscript, button[onclick] { display:none; }
</style>
    <script>
    // this object will store some %symbols% in the javascript space, so that libs can read them
    HFS = { folder:'{.js encode|%folder%.}', number:%number%, paged:{.!option.paged.} };
    </script>
<script type="text/javascript" src="/?mode=section&id=lib.js"></script>
</head>

14
Hi there! I'm needing some help setting up a macro, to be able to see my visitors IP on the HFS's log. Since I'm using Cloudflare, I currently only see (in the HFS's log) the external IP of Cloudflare, and not the real visitor's IP. Reading the Cloudflare help, I see Cloudflare adds two useful "HTTP headers", like "CF-Connecting-IP:" and "X-Forwarded-For:". Those headers contain the visitors IP. If I only could parse those headers on the HFS's log, that would be awesome. I only need that: reading the "X-Forwarded-For:" value from the HTTP header, and register that on the HFS's log. Cheers!...

15
EspaƱol / Re: Registros IP Publica con Cloudflare
« on: October 10, 2017, 06:17:37 PM »
esa es la idea. Que muestre las IP en el log.

Yo no se ingles, la unica seria traduccir por google, pero ya tengo una mala experiencia con un post que cree hace mucho tiempo, y se formo una gran polemica, debido a que no entendian bien lo que yo deseaba.....voy a tratar mas adelante a ver que pasa.

Un saludo.

Pages: 1 2 3