From 5c9a7297473f95bc4ee00eee44af21f0d788784b Mon Sep 17 00:00:00 2001 From: earthlng Date: Wed, 7 Feb 2018 20:34:14 +0100 Subject: [PATCH] Created 4.2.3 uMatrix (markdown) --- 4.2.3-uMatrix.md | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 4.2.3-uMatrix.md diff --git a/4.2.3-uMatrix.md b/4.2.3-uMatrix.md new file mode 100644 index 0000000..e157105 --- /dev/null +++ b/4.2.3-uMatrix.md @@ -0,0 +1,44 @@ + +**Prevent Internet sites from requesting LAN resources** ( thanks @theWalkingDuck ) + +this is/was the only default ABE rule in Noscript: +``` +# Noscript +# Prevent Internet sites from requesting LAN resources. + +Site LOCAL +Accept from LOCAL +Deny +``` + +We can easily rewrite it in the uMatrix way: +``` +[Source] * -> any external resource +[Destination] 127.0.0.1 -> which tries to access the localhost or local resources +[Content] * -> whatever the request or the requested content is .. +[action] block -> should be BLOCKED +``` + +``` +# uMatrix +# Prevent Internet sites from requesting LAN resources. + +* 127.0.0.1 * block +* localhost * block +* [::1] * block ### block access to ipv6 localhost +* 192.168 * block ### block access to LAN 192.168.x.x +``` + +The best practice is to use a separate browser for accessing local resources or using a temporary allow if needed ... but for those who need it permanently: +``` +# uMatrix +# Accept from LOCAL + +127.0.0.1 127.0.0.1 * allow +localhost localhost * allow +[::1] [::1] * allow +192.168 192.168 * allow +``` +btw, don't forget to remove the `matrix-off: localhost true` rule. + +--- \ No newline at end of file