From e5285c09a90b842aaa17073c2dae18a19f55da0d Mon Sep 17 00:00:00 2001 From: djdefi Date: Sun, 20 Mar 2022 23:30:18 -0700 Subject: [PATCH] Clarify that web and api request redirect to configured hostname in GHES (#26217) --- .../configuring-a-hostname.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md b/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md index 2727ae6ddc07..4c374cc4df84 100644 --- a/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md +++ b/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md @@ -16,7 +16,11 @@ topics: --- If you configure a hostname instead of a hard-coded IP address, you will be able to change the physical hardware that {% data variables.product.product_location %} runs on without affecting users or client software. -The hostname setting in the {% data variables.enterprise.management_console %} should be set to an appropriate fully qualified domain name (FQDN) which is resolvable on the internet or within your internal network. For example, your hostname setting could be `github.companyname.com.` We also recommend enabling subdomain isolation for the chosen hostname to mitigate several cross-site scripting style vulnerabilities. For more information on hostname settings, see [Section 2.1 of the HTTP RFC](https://tools.ietf.org/html/rfc1123#section-2). +The hostname setting in the {% data variables.enterprise.management_console %} should be set to an appropriate fully qualified domain name (FQDN) which is resolvable on the internet or within your internal network. For example, your hostname setting could be `github.companyname.com.` Web and API requests will automatically redirect to the hostname configured in the {% data variables.enterprise.management_console %}. + +After you configure a hostname, you can enable subdomain isolation to further increase the security of {% data variables.product.product_location %}. For more information, see "[Enabling subdomain isolation](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)." + +For more information on the supported hostname types, see [Section 2.1 of the HTTP RFC](https://tools.ietf.org/html/rfc1123#section-2). {% data reusables.enterprise_installation.changing-hostname-not-supported %} @@ -30,4 +34,4 @@ The hostname setting in the {% data variables.enterprise.management_console %} s {% data reusables.enterprise_management_console.test-domain-settings-failure %} {% data reusables.enterprise_management_console.save-settings %} -After you configure a hostname, we recommend that you enable subdomain isolation for {% data variables.product.product_location %}. For more information, see "[Enabling subdomain isolation](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)." +To help mitigate various cross-site scripting vulnerabilities, we recommend that you enable subdomain isolation for {% data variables.product.product_location %} after you configure a hostname. For more information, see "[Enabling subdomain isolation](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)."