What about binding the containers on 127.0.0.1??

OpenVoiceOS / ovos-docker

Open Voice OS container images and docker-compose.yml files for x86_64 and aarch64 CPU architectures.

https://openvoiceos.github.io/ovos-docker/

Apache License 2.0

41 stars 13 forks source link

What about binding the containers on 127.0.0.1?? #19

Closed goldyfruit closed 1 year ago

goldyfruit commented 1 year ago

By default the containers are bound to 0.0.0.0 which means they could be reached from outside the container host. When running local this is not an issue but when running on a VPS then some services could be directly reached which causes a security issue.

There are few solutions:

Bind all the containers to 127.0.0.1
Inform the users about 0.0.0.0 vs 127.0.0.1