Support center for flex.bi version 4.0
SSRF protection
Available from the flex.bi version 4.2.
SSRF (Server Side Request Forgery) protection allows to prevent flex.bi REST API and SQL import from other hosts in the same local network where the flex.bi server is running. By default SSRF protection is disabled.
Enable SSRF protection with:
[ssrf_filter] enable = true
If you would like to allow REST API import or SQL import access to some IP addresses in the same local network, then specify allowed_ip_addresses setting. In addition, you can specify restricted_ip_addresses to specify additional IP addresses (which are not in the local network) from which REST API import and SQL import should be restricted.
[ssrf_filter] enable = true allowed_ip_addresses = ["192.168.1.1", "192.168.8.1"] restricted_ip_addresses = ["8.8.8.8", "8.8.4.4"]