First of all, sorry to resurrect this almost 10-year-old post, but I seriously can’t believe this doesn’t bother anyone else?
I have now managed to hide my host server and its IP address behind Cloudflare and, after hours of searching, I have managed to only allow incoming network traffic from Cloudflare so that port scanners cannot accidentally discover the forum under the IP address. Safety is simply very important to me. Mail server is external, almost everything is protected - but it’s a joke that someone just has to insert a bait image in the post and Discourse downloads it directly to embed it or something similar. I couldn’t find anything that disables this anywhere. Even these oneboxes, which are supposed to be the previews - even setting these to 0 does nothing - the IP-logging pixel was immediately embedded and could reveal the host’s IP to attackers - so Cloudflare’s protection is absolutely useless in this case. Either you protect your services properly or not at all - what use is Cloudflare to us if the attacker doesn’t need 5 minutes to register, post a picture and thus find out the real IP of the host?
I’ve been trying for hours today using AI, Tor and torsocks - but it never really worked. The rebuilding usually crashes as soon as I dare to change something in the env settings. If anyone has somehow managed to do this, I’m almost begging them to please share it with us. Most of the time the rebuild fails because access to GitHub doesn’t work, as GitHub probably prohibits Tor traffic.
And all of this wouldn’t have to be the case if you could simply deactivate Discourse from loading the links in advance.
Thanks! I added your plugin and rebuilt Discourse. After that I thought that if I checked the first two checkboxes, it would enforce the use of a proxy, regardless of whether one is set up or not, but it doesn’t matter whether I enter the proxy’s info or leave the values empty with only the two checkboxes activated: it still loads the tracking pixel with the VPS IP address.
I’ll try now to configure all of Docker or only the Discourse image to use a proxy; maybe it will work with a usual proxy provider and won’t fail in rebuilding like with Tor.
You can simply set up something like Tinyproxy on a separate host and configure environment variables to use that. Make sure to disable IP header forwarding on Tinyproxy, and it might be helpful to exclude GitHub to ease theme installation as well.
You should be using such a mechanism when Discourse runs, not when it is being built.
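A check for the Tinyproxy suggestion above, as an added example that is not part of the original thread: it audits a `tinyproxy.conf` for the directives that add identifying headers to outbound requests (`XTinyproxy`, which carries the client's IP, and the `Via` header controlled by `DisableViaHeader`), and also flags a proxy left open to any client. The sample configs and addresses are constructed, and the function names are hypothetical.

```python
# Constructed sample configs; addresses are from documentation ranges.
WEAK_CONF = """\
Port 8888
Allow 0.0.0.0/0
XTinyproxy Yes
#DisableViaHeader Yes
"""

HARDENED_CONF = """\
Port 8888
Allow 198.51.100.7
XTinyproxy No
DisableViaHeader Yes
"""


def parse_conf(text):
    """Return {directive_lowercase: [values]}, skipping comments and blanks."""
    directives = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        value = parts[1].strip().strip('"') if len(parts) > 1 else ""
        directives.setdefault(parts[0].lower(), []).append(value)
    return directives


def audit(text):
    """Return a list of findings for header leaks and open-proxy settings."""
    conf = parse_conf(text)

    def enabled(name):
        # Assumption: if a boolean directive is repeated, the last one wins.
        values = conf.get(name, [])
        return bool(values) and values[-1].lower() in ("yes", "on")

    findings = []
    if not enabled("disableviaheader"):
        findings.append("Via header is added: set 'DisableViaHeader Yes'")
    if enabled("xtinyproxy"):
        findings.append("X-Tinyproxy header carries the client IP: set 'XTinyproxy No'")
    allows = conf.get("allow", [])
    if not allows:
        findings.append("no Allow rule: every client may use the proxy")
    for rule in allows:
        if rule in ("0.0.0.0/0", "::/0"):
            findings.append(f"'Allow {rule}' makes this an open proxy")
    return findings
```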
Thank you both very much for your suggestions and ideas!
I’m giving up on this for now; I’ve been working on it for far too long. I thought it wouldn’t be that difficult, but now I’m a little lost with all the proxy topics like SOCKS and SOCKS5. I assumed it would be as simple as adding a few parameters or configurations to the env section of app.yml, but it seems I’d need to invest many more hours in a custom solution. Because in general I’m having trouble getting an outbound connection through a proxy to, for example, https://check.torproject.org/api/ip with curl. So I think I’d have to deep dive much more into proxying.
It would have been nice if I could hide the host IP in all the ways I know it can be leaked, but I guess that’s the trade-off for using such a powerful forum platform like Discourse. Discourse has so many configuration options; would it be possible to request a feature that prevents it from preloading links and previews or, more generally, from fetching external resources provided by users? I couldn’t find a request sub-forum here.
Yes, but I’d like the proxy configuration to persist after updating or rebuilding Discourse. Working with Docker can be a bit tricky.