From a7cde75df636aabec369dc12383ea18af9f5c6f2 Mon Sep 17 00:00:00 2001
From: AyubM <ayub@ayub.info>
Date: Tue, 10 Jan 2023 00:35:54 -0500
Subject: [PATCH] Updated Hardening Guide (markdown)

---
 Hardening-Guide.md | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/Hardening-Guide.md b/Hardening-Guide.md
index 0f7cac8..3e8bd05 100644
--- a/Hardening-Guide.md
+++ b/Hardening-Guide.md
@@ -83,8 +83,23 @@ For general discussion about subpath hosting for security refer to: https://gith
 
 If you make this change, you may also have to change the reverse proxy to add this path to /notifications/hub. For example, in Caddy v2:
 ```Caddyfile
-vaultwarden.example.com {
+mysubdomain.example.com {
 	reverse_proxy /my-custom-path/notifications/hub 10.0.0.150:3012
         reverse_proxy 10.0.0.150:8083
 }
-```
\ No newline at end of file
+```
+
+Or if you'd like to make Caddy drop all connections besides for vaultwarden
+```Caddyfile
+mysubdomain.example.com {
+	route {
+		reverse_proxy /my-custom-path/notifications/hub 10.0.0.150:3012
+		reverse_proxy /my-custom-path/* 10.0.0.150:8083 {
+			header_up X-Real-IP {remote_host}
+		}
+		handle /* {
+			abort
+		}
+	}
+}
+```