author Alex Balgavy <alex@balgavy.eu> 2021-03-03 12:21:06 +0100
committer Alex Balgavy <alex@balgavy.eu> 2021-03-03 12:34:22 +0100
commit 6b59800dc65fed855ecfdeb9fe40a37807ecfeb9
tree 857f02b3262c3a2101afb05fbd81539748b04c54 /docs/admin/filtron.rst
parent c748fc66cf7c4a4ebfecde61dd683422dd6b3901
Fix security vulnerabilities in suggested nginx configuration
The suggested configurations for nginx found in the documentation and templates lead to vulnerabilities allowing host spoofing [1] and path traversal [2], as reported by Gixy [3]. This commit fixes those issues.

[1] https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md
[2] https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md
[3] https://github.com/yandex/gixy
Diffstat (limited to 'docs/admin/filtron.rst')
-rw-r--r-- docs/admin/filtron.rst 2
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/admin/filtron.rst b/docs/admin/filtron.rst
index 503a4d51d..41c4a31d6 100644
--- a/docs/admin/filtron.rst
+++ b/docs/admin/filtron.rst
@@ -173,7 +173,7 @@ Use it along with ``nginx`` with the following example configuration.
location /searx {
proxy_pass http://127.0.0.1:4004/;
- proxy_set_header Host $http_host;
+ proxy_set_header Host $host;
proxy_set_header Connection $http_connection;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
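Review bot: The new "proxy_set_header Host $host;" line drops the port that "$http_host" used to pass through, and the documentation around this example should say so. nginx's $host is the lowercased host name taken from the request line, then the Host header, then the matching server_name, without any port, so an instance published on a non-default port will hand the upstream a Host value that no longer matches the public URL. If searx or filtron builds absolute links from Host, consider documenting "$host:$server_port" for that case, or stating that the example assumes ports 80/443. Separately, $host still falls back to the client's Host header when the request line carries no host, so the fix is only as strong as the enclosing server block: the visible context shows no server_name, and the example would benefit from a sentence telling admins to set an explicit server_name rather than serving this location from a catch-all default server.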