From c214692f661488df30eaf00ca85da94a5ecc1e14 Mon Sep 17 00:00:00 2001
From: redmatrix <git@macgirvin.com>
Date: Thu, 28 Jan 2016 17:06:13 -0800
Subject: add peer filtering to all .well-known services

---
 mod/_well_known.php | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'mod/_well_known.php')

diff --git a/mod/_well_known.php b/mod/_well_known.php
index 58ed13ece..47cfe1512 100644
--- a/mod/_well_known.php
+++ b/mod/_well_known.php
@@ -7,6 +7,22 @@ function _well_known_init(&$a){
 		$arr = array('server' => $_SERVER, 'request' => $_REQUEST);
 		call_hooks('well_known', $arr);
 
+
+		if(! check_siteallowed($_SERVER['REMOTE_ADDR'])) {
+			logger('well_known: site not allowed. ' . $_SERVER['REMOTE_ADDR']);
+			killme();
+		}
+
+		// from php.net re: REMOTE_HOST:
+		//     Note: Your web server must be configured to create this variable. For example in Apache 
+		// you'll need HostnameLookups On inside httpd.conf for it to exist. See also gethostbyaddr(). 
+
+		if(get_config('system','siteallowed_remote_host') && (! check_siteallowed($_SERVER['REMOTE_HOST']))) {
+			logger('well_known: site not allowed. ' . $_SERVER['REMOTE_HOST']);
+			killme();
+		}
+
+
 		switch(argv(1)) {
 			case 'zot-info':
 				$a->argc -= 1;
-- 
cgit v1.2.3