
Bind to ‘localhost’ instead of ‘0.0.0.0’ by default

This is a small safety precaution to make sure the out-of-the-box
configuration is not world routable. Bringing this up on a public
interface with a connected database could be a security concern. Any
sysadmin worth their salt is going to test offline or by binding to
localhost only first anyway, but this gets them started on the right
foot and makes sure people don't make mistakes.

Also with the high likelihood that a proxy is going to be used for HTTPS
termination anyway, the decision to move to a public IP should be more
deliberate.
Caleb Maclennan 4 years ago
commit 26a023813e
1 changed files with 1 additions and 1 deletions
config.toml.sample

@@ -1,6 +1,6 @@
 [app]
 # Interface and port where the app will run its webserver.
-address = "0.0.0.0:9000"
+address = "localhost:9000"
 
 # BasicAuth authentication for the admin dashboard. This will eventually
 # be replaced with a better multi-user, role-based authentication system.
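
Review bot: The comment above `address` is left as "Interface and port where the app will run its webserver" and does not say that the new default is loopback-only. An operator who copies the sample and then cannot reach port 9000 from another host, or from a reverse proxy on a different machine, gets no hint in the file about the cause. Suggest adding a comment line such as `# "localhost" accepts local connections only; set "0.0.0.0:9000" to listen on all interfaces.` Because `localhost` is a name rather than an address, `127.0.0.1:9000` would also make the bound address independent of how the host resolves that name.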