Security Fix
Added localhost-only protection for admin endpoints to prevent DoS attacks when worker service is bound to 0.0.0.0 for remote UI access.
Changes
- Created
requireLocalhostmiddleware to restrict admin endpoints - Applied to
/api/admin/restartand/api/admin/shutdown - Returns 403 Forbidden for non-localhost requests
Security Impact
Prevents unauthorized shutdown/restart of worker service when exposed on network.
Fixes security concern raised in #368.