I am just deploying my first phoenix app. I have bound the server to the localhost interface and have it accessed by an nginx webserver. I also managed to bind epmd to the localhost interface.
However, beam.smp is listening not only to 127.0.0.1:4000 but also to 0.0.0.0:34579 at the public interface. Isn’t that a security issue? How can I bind that port also to localhost?
thx
Distillery node defaults - should I be concerned about security? might be relevant.
tl;dr you might try to set config :kernel, inet_dist_use_interface: {127, 0, 0, 1}.
Note that remote shell (bin/<your_app> remote) might stop working after that change.
If you configure your firewall correctly - not at all.
But then I would have to configure a packet filter, which adds complexity and additional complexity means additional security holes.
I think its preferable to configure all the services, that don’t need to be public, to the local interface. Then you don’t need a packet filter at all.
© Copyright Elixir Forum | Terms | Privacy & Cookies
