XF 2.2 Does Convert URLs to page titles expose IP?
- Thread starter questlot
- Start date
Yes it will. To avoid this you'll want to set up a proxy (like tinyproxy) and configure the use of it in
src/config.php:
Nicolas FR
Well-known member
So without using a proxy it's not recommended to activate it correct ?
Why there is no warning about this under the option ?
Why there is no warning about this under the option ?
A proxy is not necessary unless you are hiding your server IP behind a reverse proxy. If you are hiding your server IP behind a reverse proxy, there are several precautions you would need to take to ensure it does not leak, including configuring the HTTP client to use a forward proxy and using a mail server which does not include the origin IP in message headers.
Nicolas FR
Well-known member
Thank you for this technical clarification which managed to confuse me a little more! 
I have no idea if my server is behind a reverse proxy, I will approach my web host.
I have no idea if my server is behind a reverse proxy, I will approach my web host.
Max Taxable
Well-known member
Common reverse proxy would be cloudflare, for example.Thank you for this technical clarification which managed to confuse me a little more!
I have no idea if my server is behind a reverse proxy, I will approach my web host.
Nicolas FR
Well-known member
Oh ok, well i use CloudFlare so... What i have to do now ? Or what can i do ?
Sorry guys i'm lost about this option and to be honest i don't know what is the purpose of it even reading the option description...
What do most XF users do regardless of the reverse proxy? Do they activate it and do what is necessary to make it safe or does it not activate it?
Sorry guys i'm lost about this option and to be honest i don't know what is the purpose of it even reading the option description...
What do most XF users do regardless of the reverse proxy? Do they activate it and do what is necessary to make it safe or does it not activate it?
Nicolas FR
Well-known member
Probably not. Cause it's a container server even not a shared server.
So i activate this option or not ?
questlot
Active member
That’s a good question I also thought about.
questlot
Active member
I use cloudflare and I would have loved to enable Convert URLs to page titles but for the fear of not exposing my server IP address I left it disable.
Is there an easy and free way to enable the option without exposing my server IP?
It converts URLs in messages to linked page titles. For example, https://example.com would be converted to Example domain. This can provide readers with a better indicator of what the linked content is.
If you're not using a reverse proxy then it doesn't reveal anything that DNS records wouldn't already reveal. If you are using a reverse proxy then any external connection made by XF will reveal your server IP address, including but not limited to this option, unfurls, and the image proxy. If you're not concerned with hiding your server IP address then it doesn't matter. If you are concerned with hiding your server IP address then you would need to configure a proxy.
Not really. You would be revealing your server IP address to the proxy by necessity, so you shouldn't use a proxy you don't trust or control.
Any time XF has to connect to an external service for any reason. When you enable this option, XF has to fetch the linked page to get the page title. For unfurls, it has to fetch the linked page to get the title, description, and image. For the image proxy, it has to fetch the image. And so on and so forth.
JoyFreak
Well-known member
Can someone clarify what would happen if the tinyproxy fails, for whatever reason, would the website still be accessible and will it expose the IP then? What would need to actually happen for me to worry about the IPs being exposed and for me to act? As I have all this set up but want to know as a precaution.Yes it will. To avoid this you'll want to set up a proxy (like tinyproxy) and configure the use of it insrc/config.php:
Similar threads
- Question
