From 563d46cb9b78a1617708f6bd4e47c1960b3038e8 Mon Sep 17 00:00:00 2001
From: Pedro Alvarez <pedro.alvarez@codethink.co.uk>
Date: Wed, 27 Apr 2016 17:52:33 +0100
Subject: Bind webapp server on 127.0.0.1 by default

Most of us thought this was the default configuration,
but it wasn't.

This change means that the webapp service will only be accessible
from the same host that is running it, making it more secure.

Thanks to Ben Brown for finding this error.

Change-Id: I27f6604a0ebc7a093b63b11345b9c8963ed91c18
---
 etc/lighttpd/lorry-controller-webapp-httpd.conf | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/etc/lighttpd/lorry-controller-webapp-httpd.conf b/etc/lighttpd/lorry-controller-webapp-httpd.conf
index ec92783..319c8ec 100644
--- a/etc/lighttpd/lorry-controller-webapp-httpd.conf
+++ b/etc/lighttpd/lorry-controller-webapp-httpd.conf
@@ -1,5 +1,6 @@
 server.document-root = "/var/www/htdocs"
 
+server.bind = "127.0.0.1"
 server.port = 12765
 
 server.username = "lorry"
@@ -15,7 +16,7 @@ mimetype.assign = (
   ".css" => "text/css"
 )
 
-$SERVER["socket"] == ":12765" {
+$SERVER["socket"] == "127.0.0.1:12765" {
     server.username = "lorry"
     server.groupname = "lorry"
     fastcgi.server = (
-- 
cgit v1.2.1