| ▲ | rubslopes 12 days ago | |||||||
Good catch. OP, exposing your application without authentication is a serious security risk! Quick anecdote: Last week, I ran a Redis container on a VPS with an exposed port and no password (rookie mistake). Within 24 hours, the logs revealed someone attempting to make my Redis instance a slave to theirs! The IP traced back to Tencent, the Chinese tech giant... Really weird. Fortunately, there was nothing valuable stored in it. | ||||||||
| ▲ | acheong08 12 days ago | parent | next [-] | |||||||
> The IP traced back to Tencent, the Chinese tech giant... Really weird. They're a large cloud provider in Asia like Amazon AWS or Microsoft Azure. I doubt such a tech company would make it that obvious when breaking the law. | ||||||||
| ||||||||
| ▲ | spennant 12 days ago | parent | prev [-] | |||||||
I made a few assumptions about the actual deployer and their environment that I shouldn’t have… I’ll need to address this. Thanks! | ||||||||