Docker Security

[2ndtlmining]

Problem statement

At the start of the website we focused on features and getting it up and running and as Docker is fairly secure we didnt really build extra features ontop to secure it even more. In this enhancement like to see if we can improve the security elements of the app.

Updates

Looking to see if we can update the following

• Docker file: See if we can run the applications as non root user
• Docker images: Any of the Vulnerabilities we can potentially fix in the code. A lot if not possible and i am well aware but if potentially we can help with one or 2 without impacting performance
• Encryption logs: Any log encryption potentially we can do

Suggestions

Any other suggestions welcome here or best practises like to apply.

[2ndtlmining]

[FEATURE] docker improvement #74 Extra logged for encryption piece