README.md: Add Remnawave to Web Panels#4498
Conversation
|
这种 docker 安装怎么说呢, 我看到这个面板对域名是强依赖,可否建议他们在前端代码中加入对“当前页面是否为 HTTPS”的检查? |
|
在前端代码中检查是否为内网地址(127.0.0.1, ::1, localhost, 10...)或 HTTPS, 这也适用于 SSH port forwarding 的情况,因为那个是 127.0.0.1 |
|
remnawave will not let you run the panel without reverse proxy and https. Here's a look at it: The panel itself is in the docker https://remna.st/installation/quick-start |
Dear @RPRX, thanks for quick reply. Backend part already have implemented security measure to ensure that Remnawave will work only with reverse-proxy and https. Source code of guard can be found here: https://github.com/remnawave/backend/blob/main/src/common/guards/proxy-check/proxy-check.guard.ts#L10 Port-forwarding and other methods to bypass this restrictions will not work. The only way fully run Remnawave is to use reverse proxy. Anyway if you try to run Remnawave with 0.0.0.0 – frontend can't be loaded. It is first layer. If you somehow manage to run open frontend – RestAPI will deny all requests, because no reverse-proxy and https:// configured.
If you have any further requests or questions related to end-user security, please feel free to share them, and we will address them promptly. For our team and us, security remains the highest priority. Thank you for your dedication and hard work 🤝❤️ P.S. In addition to backend checks and the built-in restriction on using HTTP, we have written extensive installation guides with best and safest practices, including all warnings.
|
|
@kastov 感谢你为保护用户数据安全所做出的努力 |
4 participants
Remnawave is a powerful proxy managment tool, built on top of Xray-core, with a focus on security, simplicity and ease of use.
The developer places a strong emphasis on security, addressing the concerns we discussed earlier, and is highly responsive to all inquiries.
Although the panel was created relatively recently, it is already being used in production environments by many users.