---
title: "[bojemoi_boot] fix(security): remove dnsmasq webproc port 8080 from public ingress"
date: 2026-04-09T22:29:01+02:00
draft: false
tags: ["commit", "bojemoi_boot", "main"]
categories: ["Git Activity"]
summary: "Commit e2761e1 par Betty dans bojemoi_boot"
author: "Betty"
---

## Commit `e2761e1`

| | |
|---|---|
| **Repository** | bojemoi_boot |
| **Branch** | `main` |
| **Author** | Betty |
| **Hash** | `e2761e17dbeb6ea4e6344ca349d4c3fd4fde1b0b` |


### Description

Port 8080 (webproc admin UI) was published directly, accessible from any
container on the backend/overlay networks. A compromised container could
rewrite dnsmasq config to redirect internal domains.

Admin UI remains accessible via Traefik at dnsmasq.bojemoi.lab (HTTPS).
Port 53 (DNS resolution) unchanged.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

### Files Changed

```
M	stack/01-boot-service.yml
```

### Diff Summary

```
 stack/01-boot-service.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
```