AWS lightsail documentation change
Summary
Added documentation for WordPress Multisite blueprint with note about IMDSv2 enforcement by default
Security assessment
The change adds documentation for a new WordPress Multisite blueprint and explicitly mentions that Instance Metadata Service Version 2 (IMDSv2) is enforced by default. IMDSv2 is a security feature that provides protection against SSRF attacks and unauthorized metadata access. This is documentation of a security feature rather than addressing a specific security vulnerability.
Diff
diff --git a/lightsail/latest/userguide/compare-options-choose-lightsail-instance-image.md b/lightsail/latest/userguide/compare-options-choose-lightsail-instance-image.md index 52e0209ce..450be041f 100644 --- a//lightsail/latest/userguide/compare-options-choose-lightsail-instance-image.md +++ b//lightsail/latest/userguide/compare-options-choose-lightsail-instance-image.md @@ -220,0 +221,11 @@ Learn more about [WordPress](https://bitnami.com/stack/wordpress) at the _Bitnam +****WordPress Multisite** ** + + +The WordPress Multisite blueprint provides a complete production environment with PHP, MariaDB, phpMyAdmin, and WordPress. Lightsail packages blueprints to be secure and up-to-date using industry best practices. + +Lightsail instances launched from WordPress Multisite will have Instance Metadata Service Version 2 (IMDSv2) enforced by default. For more information, see [How Instance Metadata Service Version 2 works](./amazon-lightsail-configuring-instance-metadata-service.html). + +[Set up WordPress Multisite on Lightsail](./amazon-lightsail-quick-start-guide-wordpress-multisite.html) + +Learn more about [WordPress Multisite](https://developer.wordpress.org/advanced-administration/multisite/) at the _WordPress_ website. +