From 998c3fd8b255c097739bcc2cd1649cfd71dae9a0 Mon Sep 17 00:00:00 2001 From: Grant Burgess Date: Fri, 10 Jan 2020 14:36:37 +1000 Subject: [PATCH] Added config option that Closes #1354 --- config.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/config.yaml b/config.yaml index f6018fc30..66540425a 100644 --- a/config.yaml +++ b/config.yaml @@ -51,6 +51,9 @@ beef: # Reverse Proxy / NAT # If you want BeEF to be accessible behind a reverse proxy or NAT, # set both the publicly accessible hostname/IP address and port below: + # NOTE: Allowing the reverse proxy will enable a vulnerability where the ui/panel can be spoofed + # by altering the X-FORWARDED-FOR ip address in the request header. + allow_reverse_proxy: false #public: "" # public hostname/IP address #public_port: "" # public port (experimental)