Hey! How can I disable a source code scrapping feature?
It’s one of the numerous settings available in the UI.
Hey David! Yesterday this report was disclosed publicly https://hackerone.com/reports/374737 . I want to disable this feature. This is how the settings look like
@zeeg can you advise? ^
It’s in your project settings, along with the other options around configuring data collection.
Also reading the report…
(correcting my original comment)
You’ll need to configure the following to secure these kinds of things:
# List of IP subnets which should not be accessible SENTRY_DISALLOWED_IPS = ()
We could probably expose this kind of configuration in Sentry as well in the future.
Here’s a good default:
# http://en.wikipedia.org/wiki/Reserved_IP_addresses SENTRY_DISALLOWED_IPS = ( '0.0.0.0/8', '10.0.0.0/8', '100.64.0.0/10', '127.0.0.0/8', '169.254.0.0/16', '172.16.0.0/12', '192.0.0.0/29', '192.0.2.0/24', '18.104.22.168/24', '192.168.0.0/16', '198.18.0.0/15', '198.51.100.0/24', '22.214.171.124/4', '240.0.0.0/4', '255.255.255.255/32', )