diff --git a/config/environments/production.rb b/config/environments/production.rb
index 102c084c6..f5f82787c 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -80,10 +80,11 @@
 config.active_record.dump_schema_after_migration = false

 # Enable DNS rebinding protection and other `Host` header attacks.
- # config.hosts = [
- # "example.com", # Allow requests from example.com
- # /.*\.example\.com/ # Allow requests from subdomains like `www.example.com`
- # ]
+ config.hosts = [
+ /local-links-manager\..*\.gov.uk$/,
+ "local-links-manager",
+ ]
+
 # Skip DNS rebinding protection for the default health check endpoint.
- # config.host_authorization = { exclude: ->(request) { request.path == "/up" } }
+ config.host_authorization = { exclude: ->(request) { request.path.match?("^\/healthcheck") } }
 end
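Review bot: The `exclude` lambda on the new `config.host_authorization` line exempts every path that merely begins with `/healthcheck` from Host header checking, because `match?("^\/healthcheck")` has no end anchor and `^` is a line anchor in Ruby rather than a string anchor. Excluded requests skip the DNS rebinding protection entirely, so the exemption should name only the health check routes, for example `exclude: ->(request) { request.path.match?(%r{\A/healthcheck(/|\z)}) }`, or a plain equality test if there is a single endpoint. In the `config.hosts` entry the dot in `gov.uk` is unescaped, so it matches any character, and `$` is used where `\z` is meant. Writing it as `/\Alocal-links-manager\..*\.gov\.uk\z/` states the intent explicitly, even if Rails also anchors Regexp entries itself (worth confirming). A short comment recording which environment subdomains the `.*` is expected to cover would help a later reader judge whether the wildcard can be narrowed.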