pwning-juice-shop
Don't forward all IPs to the docker container
The docker instructions say to use `-p 3000:3000`, but this forwards port 3000 on all host interfaces. That means that, in the absence of a host firewall, anyone on the network can connect to your juice shop, which is possibly not what you want for self-study.
Instead, docker provides a facility to only forward ports on selected IP addresses; `-p 127.0.0.1:3000:3000` will only forward port 3000 on localhost (v4); if that is sufficient for the exercises perhaps it would be a more conservative configuration to suggest?
docs/modules/ROOT/pages/part1/running.adoc
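A way to check which running containers are published beyond loopback, as an added example that is not part of the issue or the project's documentation. The function names and the sample lines are constructed for illustration; the input shape assumed is the name and Ports columns of `docker ps`, separated by a tab.

```shell
#!/bin/sh
# Added example: flag published container ports reachable from non-loopback
# interfaces. Input lines are "name<TAB>ports", the shape produced by
#   docker ps --format '{{.Names}}\t{{.Ports}}'

# Print "name host_binding" for every published port not bound to loopback.
# (exposed_bindings is a hypothetical helper name.)
exposed_bindings() {
    while IFS="$(printf '\t')" read -r name ports; do
        # Ports are comma-separated, e.g.
        # "0.0.0.0:3000->3000/tcp, :::3000->3000/tcp"
        printf '%s\n' "$ports" | tr ',' '\n' | while read -r entry; do
            case "$entry" in
                *'->'*) host=${entry%%'->'*} ;;  # published: keep the host side
                *) continue ;;                   # exposed only, not published
            esac
            case "$host" in
                127.*|'[::1]':*|::1:*) ;;        # bound to loopback only
                *) printf '%s %s\n' "$name" "$host" ;;
            esac
        done
    done
}

# Constructed sample input (not captured from a real host).
sample_ps_output() {
    printf 'juice-open\t0.0.0.0:3000->3000/tcp, :::3000->3000/tcp\n'
    printf 'juice-local\t127.0.0.1:3000->3000/tcp\n'
    printf 'db\t5432/tcp\n'
}

sample_ps_output | exposed_bindings
# On a live host:
#   docker ps --format '{{.Names}}\t{{.Ports}}' | exposed_bindings
```

Only the container started with `-p 3000:3000` is reported; the one started with `-p 127.0.0.1:3000:3000` and the unpublished port produce no output.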