security steps in the readme
This commit is contained in:
parent
5bf8b75a11
commit
bf39b924dd
|
@ -514,7 +514,7 @@ sudo nmap -sS 107.172.193.177 -p 7777,20381,5432
|
||||||
|
|
||||||
It is important to secure the Postgres port.
|
It is important to secure the Postgres port.
|
||||||
|
|
||||||
Using `ufw` didn't help because docker writes persisten rules to the `iptables`.
|
Using `ufw` doesn't help because docker writes persisten rules to the `iptables`.
|
||||||
|
|
||||||
To get around this, first run this command to allow only localhost connections to the docker containers:
|
To get around this, first run this command to allow only localhost connections to the docker containers:
|
||||||
|
|
||||||
|
@ -522,6 +522,8 @@ To get around this, first run this command to allow only localhost connections t
|
||||||
iptables -I DOCKER-USER -i eth0 ! -s 127.0.0.1 -j DROP
|
iptables -I DOCKER-USER -i eth0 ! -s 127.0.0.1 -j DROP
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Docker documentation reference for more info: [documentation](https://docs.docker.com/network/iptables/#restrict-connections-to-the-docker-host)
|
||||||
|
|
||||||
Next, to make the changes persistent across reboots, we are going to use `iptables-persistent` package.
|
Next, to make the changes persistent across reboots, we are going to use `iptables-persistent` package.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
|
|
Loading…
Reference in a new issue