URL Checks

Enable the GeoServer URLCheck functionality.

OGC Services Web Services by design allow clients to reference external resources by URL. Enabling the URL Check setting prevents the abuse of these services for Server Side Request Forgery.

Reference:

Enable URL Checks

  1. Navigate to Security > URL Checks page.

  2. Select the checkbox Enable checks are disabled.

    ../_images/url_check.png

    Enable/Disable URL Checks

  3. Press OK to confirm this setting change.

    ../_images/url_check_confirm.png

    Enable URL checks

  4. Confirm URL checks are enabled, no further action is required.

    ../_images/url_check_enable.png

    URL checks are enabled

  5. If required see URL Checks for examples of allowing access to specific external resources.