top | item 34861490

(no title)

protortyp | 3 years ago

Great write-up. I remember how shocked I was a few years back when we moved our backend to a micro-service architecture and our native Postgres installation to a docker container. As (I suppose) almost everyone, we also used ufw to manage the firewall.

Security should be the default stance, and any port exposed through docker should initially be restricted to local only. Going global should be explicit, imo.

discuss

No comments yet.