nichtich opened a new issue, #1796: URL: https://github.com/apache/jena/issues/1796
### Version

4.7.0

### Feature

As configured in its default [shiro.ini](https://github.com/apache/jena/blob/main/jena-fuseki2/jena-fuseki-webapp/src/main/resources/org/apache/jena/fuseki/webapp/shiro.ini), a Fuseki server allows read- and write-access from anywhere by default. This is a very dangerous default. I'd change this to:

1. Limit admin protocol endpoint `/$/metrics` to localhost
2. Enable simple username/password authentication for write access (SPARQL Update and Graph Store Protocol except GET/HEAD) unless from localhost

Sure, this is insecure still, but at least just changing the default password will restrict public write access to all your data.

### Are you interested in contributing a solution yourself?

Yes
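An added example, not part of the original issue or of Jena's code: a small audit that resolves which `[urls]` rule of a `shiro.ini` applies to a path (Shiro uses the first matching Ant-style pattern) and reports paths left on `anon`. Both rule sets are constructed samples, and the dataset name `/ds` is a hypothetical placeholder.

```python
import re

# Constructed sample modelled on the open default the issue describes.
OPEN_DEFAULT = """
[urls]
/$/metrics = anon
/$/** = localhostFilter
/** = anon
"""

# Constructed hardened variant; "/ds" is a hypothetical dataset name.
HARDENED = """
[urls]
/$/metrics = localhostFilter
/$/** = localhostFilter
/ds/update = authcBasic
/** = anon
"""

def parse_urls(ini_text):
    """Return the [urls] rules as ordered (pattern, filter_chain) pairs."""
    rules, section = [], None
    for raw in ini_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip()
        elif section == "urls" and "=" in line:
            pattern, chain = line.split("=", 1)
            rules.append((pattern.strip(), chain.strip()))
    return rules

def ant_regex(pattern):
    """Translate an Ant-style path pattern into a regex for fullmatch()."""
    table = {"/**": "(?:/.*)?", "**": ".*", "*": "[^/]*", "?": "[^/]"}
    parts = re.split(r"(/\*\*|\*\*|\*|\?)", pattern)
    return re.compile("".join(table.get(p, re.escape(p)) for p in parts))

def first_match(rules, path):
    """Shiro applies the first pattern that matches, in file order."""
    hits = (r for r in rules if ant_regex(r[0]).fullmatch(path))
    return next(hits, (None, None))

def anonymous_paths(ini_text, paths=("/$/metrics", "/ds/update")):
    """List probe paths whose effective filter chain is plain 'anon'."""
    rules = parse_urls(ini_text)
    return [p for p in paths if first_match(rules, p)[1] == "anon"]
```

The check is path-based only, so it does not model the GET/HEAD exception for the Graph Store Protocol or the "unless from localhost" condition that the issue proposes.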
