bojemoi/blog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d3b9be5f7ac4c28c0553151480728a7af8527688
blog/content/posts/commits/2026-04-09-commit-e2761e1.md
Betty cb7b97b11d
All checks were successful
Hugo Build & Deploy / build-deploy (push) Successful in 11s
Details
post: commit e2761e1 in bojemoi_boot
2026-04-09 22:29:02 +02:00

1012 B
Raw Blame History

title, date, draft, tags, categories, summary, author
title date draft tags categories summary author
[bojemoi_boot] fix(security): remove dnsmasq webproc port 8080 from public ingress 2026-04-09T22:29:01+02:00 false
commit
bojemoi_boot
main
Git Activity
Commit e2761e1 par Betty dans bojemoi_boot Betty

Commit e2761e1
Repository bojemoi_boot
Branch main
Author Betty
Hash e2761e17dbeb6ea4e6344ca349d4c3fd4fde1b0b

Description

Port 8080 (webproc admin UI) was published directly, accessible from any container on the backend/overlay networks. A compromised container could rewrite dnsmasq config to redirect internal domains.

Admin UI remains accessible via Traefik at dnsmasq.bojemoi.lab (HTTPS). Port 53 (DNS resolution) unchanged.

Co-Authored-By: Claude Sonnet 4.6 noreply@anthropic.com

Files Changed

M	stack/01-boot-service.yml

Diff Summary

 stack/01-boot-service.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Reference in New Issue View Git Blame Copy Permalink