Disable discourse from crawling links


how to disable discourse from crawling (embeding) links, for security reasons.

these settings i have for onebox seem to failed

Only allow Cloudflare IPs for Discourse server

Did you try “*” in sites not to crawl?


i did, and it failed

(Régis Hanol) #4

There’s currently no way of disabling oneboxing.


could you guys maybe add an option to do it?
for people like myself that use a reverse proxy, any one can post an ip logger and get backend ip


so i guess there wont ever be a way then?

(Joshua Rosenfeld) #8

That’s not a fair statement. It’s on Régis list, but it hasn’t gotten done yet. I’d recommend checking out How do we decide what goes into each release of Discourse? - this is the only request that I’ve seen so per #1 this is not high on our todo list - but it’s on the todo list.


in a way it should be, cause it can affect users, many might not post about it dont mean it doesnt affect others, but i do understand about it not being high on the list but still, its something i think should be heavily considered

(Mittineague) #10

Have you tried adding the domain names ro your censored words? Last I tested doing so will effectively prevent the links from becoming working links in posts.


there are alot of iplogging domains out there, would be impossible to block all, and no i never tried adding to censored words, i just tried the onebox domains blacklist which failed, as for some reason it still sends a requests to the logger

(Régis Hanol) #12

@nbianca can you make sure the “onebox domains blacklist” work as expected?

Also, we should enforce the validation to ensure only domains are entered (ie. “http://www.youtube.com” is not a valid value).

(Bianca) #14

This was fixed by:

(Bianca) #15