max / makenotwork

Block /api/internal/* from external access in Caddyfile Internal API endpoints used by mnw-cli are localhost-only. Caddy returns 404 for any external requests to /api/internal/* paths. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: Max J. <87768334+MaxJMath@users.noreply.github.com> · 2026-03-29 21:39 UTC

Commit: 1195fbe2bc3390ce0b5cef1fa4c0e7b43341262a

Parent: 3033911

1 file changed, +4 insertions, -0 deletions

M server_code/makenotwork/deploy/Caddyfile +4

			@@ -30,6 +30,10 @@
30	30		makenot.work {
31	31		import cloudflare_tls
32	32
	33	+	# Block internal API from external access (CLI uses localhost directly)
	34	+	@internal path /api/internal/*
	35	+	respond @internal 404
	36	+
33	37		# Reverse proxy to application (includes /docs routes)
34	38		reverse_proxy localhost:3000
35	39