0

We use MinIO as our storage server. The issue is that the objects are accessible to the public Internet. To solve this issue someone suggested to use crossdomain.xml file to restrict access to resources if the request is initiated from our domain only. However from what I read everywhere, it looks like that file is exclusive to Adobe products.

Is that correct? And if yes, what is the alternative solution?

Our webserver is nginx.

  • Have you consider set firewall on host OS of MinIO? – Romeo Ninov Oct 27 '21 at 12:45
  • I have already tried that. First ```ufw default deny incoming``` and then ```ufw allow from 1111.2222.3333.4444 to any port 443``` and it didn't work and interrupted the communication between webserver and storage server. –  Oct 27 '21 at 13:11
  • If the entire communication is done (from internet) via web server add in `nginx` IP filtering like here: https://docs.nginx.com/nginx/admin-guide/security-controls/controlling-access-proxied-tcp/ – Romeo Ninov Oct 27 '21 at 13:23
  • We are behind Cloudflare proxy. –  Oct 27 '21 at 13:35

0 Answers0