jlesage / docker-firefox

Docker container for Firefox
MIT License
1.42k stars 267 forks

can we get password and user auth #144

Open carolynsteeves1 opened 1 year ago

carolynsteeves1 commented 1 year ago

Hello! I love it, I was just wondering why it isn't possible to make a user and password for the web interface. It seems like a huge vulnerable attacking point.

jlesage commented 1 year ago

Could you provide more details about the scenario where you see a vulnerability?

I guess people mostly deploy the container under their private/trusted network. When the container needs to be exposed to the internet, this is better done with a reverse proxy. Security, like imposing a username/password, is done by the reverse proxy.

lifetraveler commented 1 year ago

You can use basic auth in nginx, with this Firefox reverse proxied by nginx.

patrick-GH commented 1 year ago

I'm curious as to how to do this as well. I would like to restrict it from my internal users who try to go directly to the URL.
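The reverse-proxy approach suggested above, sketched as an nginx site file. This is an added example, not configuration posted in the thread or taken from the project; the host name, certificate paths, htpasswd path and the container's web port 5800 being published only on 127.0.0.1 are assumptions.

```nginx
# Added example (not from the thread). Assumes the container was started with
# its web port bound to loopback only, e.g. -p 127.0.0.1:5800:5800, so the
# proxy is the only way in. firefox.example.com and all paths are placeholders.
# Place in a file included from the http {} context (e.g. conf.d/).
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

server {
    listen 80;
    server_name firefox.example.com;
    return 301 https://$host$request_uri;   # never serve the login over plain HTTP
}

server {
    listen 443 ssl;
    server_name firefox.example.com;

    ssl_certificate     /etc/nginx/tls/firefox.example.com.crt;
    ssl_certificate_key /etc/nginx/tls/firefox.example.com.key;

    # Basic auth sends the credentials on every request, so it is only
    # enabled on the TLS server block.
    auth_basic           "Firefox container";
    auth_basic_user_file /etc/nginx/firefox.htpasswd;

    location / {
        proxy_pass http://127.0.0.1:5800;

        # The browser-based VNC client talks to the container over a WebSocket.
        proxy_http_version 1.1;
        proxy_set_header Upgrade    $http_upgrade;
        proxy_set_header Connection $connection_upgrade;

        # Pass the original client address on to the backend.
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        proxy_read_timeout 1h;   # keep long-lived sessions from being cut off
    }
}
```

Publishing the container port on loopback only is what stops users on the local network from bypassing the proxy by going directly to the container's URL; the proxy's own access log then records each client address alongside the authenticated user name.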

jlesage commented 1 year ago

@patrick-GH, so the network connected to the host running the container is not "trusted"?

jlesage commented 1 year ago

Note that today, you can at least use the VNC_PASSWORD environment variable to set a password to access the interface. See https://github.com/jlesage/docker-firefox#vnc-password

Almaric78 commented 1 year ago

Hello, is it possible to log all client IPs that connect to the URL in a log file? Thanks

Almaric78 commented 1 year ago

> Could you provide more details about the scenario where you see a vulnerability?
>
> I guess people mostly deploy the container under their private/trusted network. When the container needs to be exposed to the internet, this is better done with a reverse proxy. Security, like imposing a username/password, is done by the reverse proxy.

Hello, I have a Synology NAS and Docker on it, how do I configure a reverse proxy for this service? Is it possible to configure an alias in the Login Portal of DSM? I tried but I did not succeed. Thanks a lot for your nice application.

jlesage commented 1 year ago

> Hello, is it possible to log all client IPs that connect to the URL in a log file? Thanks

Hello (I will answer in English for everyone's benefit),

You can have a look at log/nginx/access.log, under the directory you mapped to /config.

jlesage commented 1 year ago

> Hello, I have a Synology NAS and Docker on it, how do I configure a reverse proxy for this service? Is it possible to configure an alias in the Login Portal of DSM? I tried but I did not succeed. Thanks a lot for your nice application.

I don't have a Synology myself, but I know it has a built-in reverse proxy you can use. You should be able to find tutorials about it. For example:

Almaric78 commented 1 year ago

> You can have a look at log/nginx/access.log, under the directory you mapped to /config.

Thanks! But the nginx server always logs the gateway 172.17.0.1 of the Docker bridge and not the final client IP.

jlesage commented 1 year ago

Hmm, on my setup the log does contain the real IP address of the clients. Does your container use the default bridge network? Are you accessing the container from your local network?