diff options
| author | marcin mikołajczak <git@mkljczk.pl> | 2023-12-22 14:34:30 +0100 |
|---|---|---|
| committer | marcin mikołajczak <git@mkljczk.pl> | 2023-12-22 14:34:30 +0100 |
| commit | 6051715a990b7eb4379daec46d5ea0d63dce2c09 (patch) | |
| tree | e53a6e689839a188e1dd8770e19135fb28bf8a0b /docs/configuration/hardening.md | |
| parent | 5846e7d5f6b91ab63270f2104543d874589d39ca (diff) | |
| parent | 5f1d70736711275ac9f0c95e5ada4cb2f1a96e11 (diff) | |
| download | pleroma-6051715a990b7eb4379daec46d5ea0d63dce2c09.tar.gz pleroma-6051715a990b7eb4379daec46d5ea0d63dce2c09.zip | |
Merge remote-tracking branch 'origin/develop' into instance_rules
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
Diffstat (limited to 'docs/configuration/hardening.md')
| -rw-r--r-- | docs/configuration/hardening.md | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/docs/configuration/hardening.md b/docs/configuration/hardening.md index d3bfc4e4a..cc46d1ff9 100644 --- a/docs/configuration/hardening.md +++ b/docs/configuration/hardening.md @@ -62,6 +62,20 @@ An additional “Expect-CT” header will be sent with the configured `ct_max_ag If you click on a link, your browser’s request to the other site will include from where it is coming from. The “Referrer policy” header tells the browser how and if it should send this information. (see [Referrer policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy)) +### Uploaded media and media proxy + +It is STRONGLY RECOMMENDED to serve both the locally-uploaded media and the media proxy from another domain than the domain that Pleroma runs on, if applicable. + +```elixir +config :pleroma, :media_proxy, + base_url: "https://some.other.domain" + +config :pleroma, Pleroma.Upload, + base_url: "https://some.other.domain/media" +``` + +See `installation/pleroma-mediaproxy.nginx` for examples on how to configure your media proxy. + ## systemd A systemd unit example is provided at `installation/pleroma.service`. |