Deny access to public /server-status in http Openstack services
This change block access to the public /server-status url on all
http services exposed by HAProxy, also fixes an issue with Horizon
where 'Require all granted' open access to the /server-status in
the HAProxy-less configurations. Without this change the issue
affects only Ubuntu/Debian installations where mod_status in Apache2
enabled by default.
Closes-Bug: #1996913
Change-Id: I3ec1af6353c3ecc64589599abe375b0ae9b14d5c
Signed-off-by: 
Maksim Malchuk <maksim.malchuk@gmail.com>
Showing
- ansible/roles/haproxy-config/templates/haproxy_single_service_split.cfg.j2 3 additions, 0 deletions...roxy-config/templates/haproxy_single_service_split.cfg.j2
- ansible/roles/horizon/templates/horizon.conf.j2 4 additions, 0 deletionsansible/roles/horizon/templates/horizon.conf.j2
- releasenotes/notes/http-services-deny-server-status-39d0259664053e59.yaml 7 additions, 0 deletions...es/http-services-deny-server-status-39d0259664053e59.yaml
Loading
Please register or sign in to comment