
In the docs for Custom Domain (https://appwrite.io/docs/advanced/platform/custom-domains#endpoint) it is stated that "By default, Appwrite only allows API calls from localhost, appwrite.io, and your project's default custom domains. " My appwrite is on a VPS and I can make API calls both from the front end that runs on my domain and the front end from my localhost. Perhaps a noob question: but how can Appwrite know that my localhost is the legitimate one and someone else making API calls from another locahost is not? I don't remember uniquely authenticating my localhost towards my appwrite instance. Or is there some magic happening in the background that I am not aware of? And if any localhost can make API calls to my appwrite: how do I close this security hole?
Recommended threads
- User Queries not working
When I try to use queries on users, it gives error saying invalid query method. Now, I dont know whether it is possible or not to query users or it’s just some...
- appwrite cli alpine os
the appwrite cli does not work on alpine os if you install it using the recommended bash script. Maybe there is the possibility to compile it for alpine using t...
- Email OTP Mail Getting Delayed by 10 min...
I just noticed I am reciving delayed otp emails on frankfurt server we are on free plan now but we are planning to change to get on to paid plan can anyone plea...
