capnspacehook / whalewall

Automate management of firewall rules for Docker containers
BSD 3-Clause "New" or "Revised" License

allowing only a reverse proxy #182

Open Dialgatrainer02 opened 7 months ago

Dialgatrainer02 commented 7 months ago

Hello, I'm currently running a reverse proxy setup with multiple containers in Docker Compose. I have a domain that the reverse proxy uses. I am planning on using authentication via the reverse proxy for all my apps.

However, the reverse proxy can be bypassed by entering domain.com:port of a specific container. This is because my reverse proxy is on the same machine as my other services and I can't shut any ports via the router.

Can I use whalewall to restrict the incoming requests of all the containers to the reverse proxy, and would doing this prevent this kind of bypass? I'm new to containerization and networking, so sorry if it's already stated elsewhere.

One way that has worked before was to have the reverse proxy on a separate device and IP address, but I can't do that anymore and I don't know how I can do that with Docker.

capnspacehook commented 7 months ago

Yes, you should be able to accomplish this by setting whalewall rules for the reverse proxy container and all containers behind the reverse proxy. You would only set mapped port rules and expose ports for the reverse proxy container and then all other containers wouldn't be able to be accessed directly.
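
A Compose sketch of the layout described in the answer above, added here as an example and not taken from the whalewall project or from either commenter. The service names `proxy` and `app`, the images, and the ports are assumptions, and whalewall is assumed to be running on the host already.

```yaml
# Added example; service names, images and ports are assumptions.
services:
  proxy:
    image: caddy:2               # stands in for any reverse proxy
    ports:
      - "443:443"                # the only port published on the host
    labels:
      whalewall.enabled: true
      whalewall.rules: |
        mapped_ports:
          # allow the proxy's published port from the host itself
          localhost:
            allow: true
          # allow the proxy's published port from outside the host
          external:
            allow: true
        output:
          # let the proxy reach the backend over the compose network
          - network: default
            container: app
            proto: tcp
            dst_ports:
              - 8080
          # any other outbound traffic the proxy needs must be allowed
          # with further output rules

  app:
    image: example/app:latest    # hypothetical backend listening on 8080
    # no "ports:" entry, so there is no domain.com:port to connect to
    labels:
      # enabled with no rules of its own: traffic is expected to arrive
      # only through the proxy's output rule above
      whalewall.enabled: true
```

After applying it, a connection from another machine to the backend's former port should fail while requests through the proxy's port still succeed.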