search

NOXCIS / Wiregate

"WireGate: Secure Intranet Deployment with WireGuard, Docker, and Enhanced Network Controls"
MIT License
218 stars 5 forks source link

WGDashboard available outside local network in headless mode #8

Closed ghost closed 1 year ago

ghost commented 1 year ago

I can access WGDashboard outside network with default admin admin credentials. This is potentially unsafe if You can access web panel outside local network. I think it would be better if you could access web panel only if you connected to a peer like in wirehole.

I installed this docker image by your instructions on a clean Debian installation.

#!/bin/bash
git  clone  https://github.com/NOXCIS/Worm-Hole.git
cd  Worm-Hole
chmod  +x  install.sh
# I chose automatic install
sudo  ./install.sh
sudo docker-compose up
ghost commented 1 year ago

Also I can't even enable wg0 image

NOXCIS commented 1 year ago

Change the creds in settings and block port 10086 after making a client config. After blocking the port the only into the network is via wire guard.

NOXCIS commented 1 year ago

Fixes pushing tomorrow...

NOXCIS commented 1 year ago

@ronycage What is your setup btw?

ghost commented 1 year ago

@ronycage What is your setup btw?

My setup is Debian 10 on a VPS, I'm reinstalling to a 12 version right now

NOXCIS commented 1 year ago

Try latest pull