Details
-
Improvement
-
Resolution: Obsolete
-
Medium
-
3.10.1, 3.9.5, 4.0.1
-
None
Description
By default it listens to connections made by any host, which is unnecessary given the very specific task it has to carry out.
Fix: add a setting, at the top of the file itself where the other settings are located, where you specify the addresses of the hosts that can connect.
Then, after accepting a connection, use socket_getpeername() to find out the ip of the caller, and if it is not in the whitelist just close the connection.