Add drop_unauthorized parameter to proxy hosts

drop_unauthorized returns 444 when a client is not authorized as opposed to 403. It can be used with Client Certificate authorization.
2025-08-04 16:33:32 +00:00 · 2023-05-29 14:43:11 +10:00
parent f601105776
commit 6cf91a2e70
11 changed files with 85 additions and 4 deletions
--- a/frontend/js/app/nginx/proxy/form.ejs
+++ b/frontend/js/app/nginx/proxy/form.ejs
@@ -72,7 +72,7 @@
                                </label>
                            </div>
                        </div>
-                        <div class="col-sm-12 col-md-12">
+                        <div class="col-sm-6 col-md-6">
                            <div class="form-group">
                                <label class="custom-switch">
                                    <input type="checkbox" class="custom-switch-input" name="allow_websocket_upgrade" value="1"<%- allow_websocket_upgrade ? ' checked' : '' %>>
@@ -81,7 +81,15 @@
                                </label>
                            </div>
                        </div>
-
+                        <div class="col-sm-6 col-md-6">
+                            <div class="form-group">
+                                <label class="custom-switch">
+                                    <input type="checkbox" class="custom-switch-input" name="drop_unauthorized" value="1"<%- drop_unauthorized ? ' checked' : '' %>>
+                                    <span class="custom-switch-indicator"></span>
+                                    <span class="custom-switch-description"><%- i18n('all-hosts', 'drop-unauthorized') %></span>
+                                </label>
+                            </div>
+                        </div>
                        <div class="col-sm-12 col-md-12">
                            <div class="form-group">
                                <label class="form-label"><%- i18n('proxy-hosts', 'access-list') %></label>
--- a/frontend/js/app/nginx/proxy/form.js
+++ b/frontend/js/app/nginx/proxy/form.js
@@ -161,6 +161,7 @@ module.exports = Mn.View.extend({
            // Manipulate
            data.forward_port            = parseInt(data.forward_port, 10);
            data.block_exploits          = !!data.block_exploits;
+            data.drop_unauthorized       = !!data.drop_unauthorized;
            data.caching_enabled         = !!data.caching_enabled;
            data.allow_websocket_upgrade = !!data.allow_websocket_upgrade;
            data.http2_support           = !!data.http2_support;
--- a/frontend/js/i18n/messages.json
+++ b/frontend/js/i18n/messages.json
@@ -75,6 +75,7 @@
      "domain-names": "Domain Names",
      "cert-provider": "Certificate Provider",
      "block-exploits": "Block Common Exploits",
+      "drop-unauthorized": "Drop Unauthorized (444)",
      "caching-enabled": "Cache Assets",
      "ssl-certificate": "SSL Certificate",
      "none": "None",
--- a/frontend/js/models/proxy-host.js
+++ b/frontend/js/models/proxy-host.js
@@ -20,6 +20,7 @@ const model = Backbone.Model.extend({
            caching_enabled:         false,
            allow_websocket_upgrade: false,
            block_exploits:          false,
+            drop_unauthorized:       false,
            http2_support:           false,
            advanced_config:         '',
            enabled:                 true,