From 26a023813e0ef2d3a366712e37ffcd348ece3955 Mon Sep 17 00:00:00 2001
From: Caleb Maclennan
Date: Fri, 7 May 2021 12:35:22 +0300
Subject: [PATCH] =?UTF-8?q?Bind=20to=20=E2=80=98localhost=E2=80=99=20inste?= =?UTF-8?q?ad=20of=20=E2=80=980.0.0.0=E2=80=99=20by=20default?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This is a small safety precaution to make sure the out of the box configuration is not world routeable. Bringing this up on a public interface with a connected database could be a security concern. Any sysadmin worth their salt is going to test offline or by binding to localhost only first anyway, but this gets them started on the right foot and makes sure people don't make mistakes. Also with the high likelihood that a proxy is going to be used for HTTPS termination anyway, the decision to move to a public IP should be more deliberate.
---
 config.toml.sample | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config.toml.sample b/config.toml.sample
index d1022a3..0180a11 100644
--- a/config.toml.sample
+++ b/config.toml.sample
@@ -1,6 +1,6 @@
 [app]
 # Interface and port where the app will run its webserver.
-address = "0.0.0.0:9000"
+address = "localhost:9000"
 
 # BasicAuth authentication for the admin dashboard. This will eventually
 # be replaced with a better multi-user, role-based authentication system.
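Review bot: The comment above `address` still reads only "Interface and port where the app will run its webserver", so the sample does not tell an operator that the new default is loopback-only or that exposing it is a deliberate step. I would extend it with something like `# Loopback only by default; set "0.0.0.0:9000" to listen on all interfaces, preferably behind a TLS-terminating proxy.`, which also matters because the BasicAuth admin credentials described just below would otherwise cross the network over plain HTTP. The name `localhost` is resolved by the host at startup and may map to the IPv4 or the IPv6 loopback (or to whatever the hosts file says), so `address = "127.0.0.1:9000"` would make the bind deterministic. If this sample is also the basis for container deployments, a loopback bind inside the container will presumably not be reachable through a published port, which is worth a line in the same comment. The `[app]` table continues past the end of the hunk.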