From cb4e4039277efe8ab386ddcb573869b924dafef0 Mon Sep 17 00:00:00 2001 From: Carla Schroder Date: Sat, 29 Aug 2015 11:57:13 +0200 Subject: [PATCH] Update harden_server.rst --- admin_manual/configuration_server/harden_server.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/admin_manual/configuration_server/harden_server.rst b/admin_manual/configuration_server/harden_server.rst index 5c3a35bcb..241e323df 100644 --- a/admin_manual/configuration_server/harden_server.rst +++ b/admin_manual/configuration_server/harden_server.rst @@ -153,7 +153,7 @@ As ownCloud supports features such as Federated File Sharing we do not consider Server Side Request Forgery (SSRF) part of our threat model. In fact, given all our external storage adapters this can be considered a feature and not a vulnerability. -This means that an user on your ownCloud instance could probe whether other hosts +This means that a user on your ownCloud instance could probe whether other hosts are accessible from the ownCloud network. If you do not want this you need to ensure that your ownCloud is properly installed in a segregated network and proper firewall rules are in place.