Source code scraping


#1

Hey! How can I disable a source code scraping feature?


#2

It’s one of the numerous settings available in the UI.


#3

Hey David! Yesterday this report was disclosed publicly https://hackerone.com/reports/374737 . I want to disable this feature. This is what the settings look like

Can you advise me which exactly setting should be turned off?


#4

@zeeg can you advise? ^


#5

It’s in your project settings, along with the other options around configuring data collection.


#6

Also reading the report…

(correcting my original comment)

You’ll need to configure the following to secure these kinds of things:

```python
# List of IP subnets which should not be accessible
SENTRY_DISALLOWED_IPS = ()
```

We could probably expose this kind of configuration in Sentry as well in the future.

Here’s a good default:

```python
# http://en.wikipedia.org/wiki/Reserved_IP_addresses
SENTRY_DISALLOWED_IPS = (
    '0.0.0.0/8', '10.0.0.0/8', '100.64.0.0/10', '127.0.0.0/8', '169.254.0.0/16', '172.16.0.0/12',
    '192.0.0.0/29', '192.0.2.0/24', '192.88.99.0/24', '192.168.0.0/16', '198.18.0.0/15',
    '198.51.100.0/24', '224.0.0.0/4', '240.0.0.0/4', '255.255.255.255/32',
)
```
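
As an added illustration (not part of the original post and not Sentry's own code), this is how a fetcher could test the addresses a hostname resolved to against the list above before requesting a source file. `is_disallowed_ip` and `fetch_allowed` are hypothetical names, and the addresses are passed in by the caller so the example runs offline.

```python
import ipaddress
from urllib.parse import urlsplit

# The default list from the post above.
SENTRY_DISALLOWED_IPS = (
    '0.0.0.0/8', '10.0.0.0/8', '100.64.0.0/10', '127.0.0.0/8', '169.254.0.0/16', '172.16.0.0/12',
    '192.0.0.0/29', '192.0.2.0/24', '192.88.99.0/24', '192.168.0.0/16', '198.18.0.0/15',
    '198.51.100.0/24', '224.0.0.0/4', '240.0.0.0/4', '255.255.255.255/32',
)
DISALLOWED_NETWORKS = tuple(ipaddress.ip_network(cidr) for cidr in SENTRY_DISALLOWED_IPS)


def is_disallowed_ip(address):
    """Return True if `address` falls inside any disallowed subnet."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return True  # fail closed on anything that is not a valid address
    # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) so it is matched against the IPv4 list.
    # The list above is IPv4-only; other IPv6 addresses are not matched by it.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip.version == net.version and ip in net for net in DISALLOWED_NETWORKS)


def fetch_allowed(url, resolved_addresses):
    """Decide whether a fetch of `url` may proceed.

    `resolved_addresses` is every address the hostname resolved to
    (hypothetical parameter; supplied by the caller's resolver).
    The fetch is refused if any one of them is disallowed.
    """
    host = urlsplit(url).hostname
    if not host or not resolved_addresses:
        return False  # nothing to verify, so refuse
    return not any(is_disallowed_ip(a) for a in resolved_addresses)


if __name__ == '__main__':
    # Constructed sample inputs.
    print(fetch_allowed('https://cdn.example/app.js', ['8.8.8.8']))
    print(fetch_allowed('http://intranet.example/app.js', ['10.1.2.3']))
    print(fetch_allowed('http://mixed.example/app.js', ['8.8.8.8', '127.0.0.1']))
```

The check is only meaningful if the connection is then made to the same address that was checked, rather than resolving the hostname a second time.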

#7

Thank you :+1:


#8