add peer filtering to all .well-known services

1 files changed, 16 insertions, 0 deletions

diff --git a/mod/_well_known.php b/mod/_well_known.php
index 58ed13ece..47cfe1512 100644
--- a/mod/_well_known.php
+++ b/mod/_well_known.php
@@ -7,6 +7,22 @@ function _well_known_init(&$a){
 		$arr = array('server' => $_SERVER, 'request' => $_REQUEST);

 		call_hooks('well_known', $arr);

 

+

+		if(! check_siteallowed($_SERVER['REMOTE_ADDR'])) {

+			logger('well_known: site not allowed. ' . $_SERVER['REMOTE_ADDR']);

+			killme();

+		}

+

+		// from php.net re: REMOTE_HOST:

+		//     Note: Your web server must be configured to create this variable. For example in Apache 

+		// you'll need HostnameLookups On inside httpd.conf for it to exist. See also gethostbyaddr(). 

+

+		if(get_config('system','siteallowed_remote_host') && (! check_siteallowed($_SERVER['REMOTE_HOST']))) {

+			logger('well_known: site not allowed. ' . $_SERVER['REMOTE_HOST']);

+			killme();

+		}

+

+

 		switch(argv(1)) {

 			case 'zot-info':

 				$a->argc -= 1;