Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
open-source
MetaGer
Commits
7f11029b
Commit
7f11029b
authored
May 26, 2021
by
Dominik Hebeler
Browse files
disallow public access to metrics endpoint
parent
fb5f71ff
Changes
1
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
routes/web.php
View file @
7f11029b
...
...
@@ -3,6 +3,7 @@
use
Illuminate\Support\Facades\Redis
;
use
Jenssegers\Agent\Agent
;
use
Prometheus\RenderTextFormat
;
use
Illuminate\Http\Request
;
/*
|--------------------------------------------------------------------------
...
...
@@ -320,7 +321,27 @@ Route::group(
});
});
Route
::
get
(
'metrics'
,
function
()
{
Route
::
get
(
'metrics'
,
function
(
Request
$request
)
{
// Only allow access to metrics from within our network
$ip
=
$request
->
ip
();
$allowedNetworks
=
[
"10."
,
"172."
,
"192."
,
"127.0.0.1"
,
];
$allowed
=
false
;
foreach
(
$allowedNetworks
as
$part
){
if
(
stripos
(
$ip
,
$part
)
===
0
){
$allowed
=
true
;
}
}
if
(
!
$allowed
){
abort
(
401
);
}
$registry
=
\
Prometheus\CollectorRegistry
::
getDefault
();
$renderer
=
new
RenderTextFormat
();
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment