Add Vhost-level blocking of auth endpoint (#1659/#1598)

_example/etc/portal-apache2.4.conf

@@ -79,6 +79,11 @@
         Require all denied
     </Location>
 
+    # REST/SOAP functions for proxy auth and password reset (disabled by default)
+    <Location /index.fcgi/proxy>
+        Require all denied
+    </Location>
+
     # REST/SOAP functions for sessions access (disabled by default)
     <Location /index.fcgi/sessions>
         Require all denied

_example/etc/portal-apache2.X.conf

@@ -86,6 +86,17 @@
         </IfVersion>
     </Location>
 
+    # REST/SOAP functions for proxy auth and password reset (disabled by default)
+    <Location /index.fcgi/proxy>
+        <IfVersion >= 2.3>
+            Require all denied
+        </IfVersion>
+        <IfVersion < 2.3>
+            Order Deny,Allow
+            Deny from all
+        </IfVersion>
+    </Location>
+
     # REST/SOAP functions for sessions access (disabled by default)
     <Location /index.fcgi/sessions>
         <IfVersion >= 2.3>

_example/etc/portal-apache2.conf

@@ -72,6 +72,12 @@
         Deny from all
     </Location>
 
+    # REST/SOAP functions for proxy auth and password reset (disabled by default)
+    <Location /index.fcgi/proxy>
+        Order deny,allow
+        Deny from all
+    </Location>
+
     # REST/SOAP functions for sessions access (disabled by default)
     <Location /index.fcgi/sessions>
         Order deny,allow

_example/etc/portal-nginx.conf

@@ -59,6 +59,12 @@ server {
       deny all;
     }
 
+    # REST/SOAP functions for proxy auth and password reset (disabled by default)
+    location ~ ^/index.psgi/proxy {
+      fastcgi_pass llng_portal_upstream;
+      deny all;
+    }
+
     # REST/SOAP functions for sessions access (disabled by default)
     location ~ ^/index.psgi/sessions {
       fastcgi_pass llng_portal_upstream;