mirror of
https://github.com/r3bo0tbx1/tor-guard-relay.git
synced 2026-04-06 00:32:04 +02:00
25fd7a09d7
BREAKING CHANGE: Internal services now bind to 127.0.0.1 by default This release enforces strict port security with a two-tier model: - Public: 9001 (ORPort), 9030 (DirPort) - Internal: 9035+ (metrics, health, dashboard) - localhost-only Changes: - CHANGELOG.md: Updated version entries, aligned to v1.0.2 - README.md: Updated version references and deployment examples - SECURITY.md: Enhanced with network architecture and port policy - relay-status.sh: Added port security validation (v1.0.2) - integration-check.sh: Added port/version validation phases (v1.0.2) Security Improvements: - Prevents unauthorized external access to internal endpoints - Adds reverse proxy, SSH tunnel, and VPN access guidance - Includes comprehensive migration guide for existing deployments - Adds automated security validation in diagnostic tools Migration Required: If accessing metrics/health externally, use reverse proxy with auth, SSH tunneling, or VPN. See SECURITY.md for details. Version: 1.0.2