Secure/hide the admin behind proxy/firewall?

Hi!

Would love some guidance on how to best setup sentry so that

  • All resources is denied by default (firewall/proxy blocking based on IP or “VPC”)
  • Only the needed endpoints used by the raven clients are open to the public

Lemme know if this is doable and which URL paths and HTTP methods that needs to be open to restrict posting in events only.

Thx
Mr. Firewall-Dude

The only path that needs to be publicly accessible for event ingestion is ^/api/\d+/store/$.

Everything else can be blocked from public access. This endpoint is used to accept events only, with no read access, and is safe to expose.

3 Likes

I’m I right to assume it has now changed to this?
^/api/\d+/envelope/$