Is it possible to protect the Pangolin console as well as we can protect the resources? #1787
proofrock
started this conversation in
Feature Requests
Replies: 1 comment
I would like to add to this, by requesting the ability to apply crowdsec and geoblocking to the Pangolin endpoint.
Summary
There are a number of protections possible for the resources: Geo Blocking, rules, forced OIDC access... it's peculiar that it's not possible (AFAIK) to protect the Pangolin UI itself.
Motivation
The Web UI is the most important endpoint to protect, after all; if an attacker gains access to that, they can disable the protections for the resources, at the very minimum.
Proposed Solution
Allow defining rules for the Pangolin UI, and forcing OIDC login.
Alternatives Considered
It also could work to be able to access the UI on a different port than 443, so that it can be limited on the firewall.
Additional Context
No response