huquad Posted October 15, 2023 Share Posted October 15, 2023 Hello friends! I recently setup an Authelia container to work as a front end for most of my apps (sonarr/radarr/heimdall/etc). Ideally, I'd only have to use Authelia for authentication and then disable the login page for my apps. However, I still have access locally to the dockers through the standard: http://xxx.xxx.xxx.xxx:7878 (radarr for example) and don't want to expose my apps locally (without protection) to minimize horizontal movement should I get pwned. Is there anyway to disable the local connection, or auto-redirect to the reverse proxy link: https://radarr.mydomain.url ? Thanks for the advice! Quote Link to comment
huquad Posted October 15, 2023 Author Share Posted October 15, 2023 (edited) I just discovered I can remove/delete the port on the docker container when I go to edit the configuration. As far as I can tell, this removes the external access while still allowing my reverse-proxy container (SWAG) access within my proxy-net. Can anyone tell me if this is the right/best/secure way to go about locking down services? Edited October 15, 2023 by huquad Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.