Desktop

How to Fix the Docker and UFW Security Flaw

If you use Docker on Linux, chances are your system firewall might be relegated to Uncomplicated Firewall (UFW). If that’s the case, you may not know this, but the combination of Docker and UFW poses a bit of a security issue. Why? Because Docker actually bypasses UFW and directly alters iptables, such that a container can bind to a port. This means all those UFW rules you have set won’t apply to Docker containers.

Let me demonstrate this.

I’m going to set up UFW (running on Ubuntu Server 16.04), so that the only thing it will allow through is SSH traffic. To do this, I open a terminal and issue the following commands:

sudo ufw allow ssh

sudo ufw default deny incoming

sudo ufw enable

Read more at TechRepublic

If you use Docker on Linux, chances are your system firewall might be relegated to Uncomplicated Firewall (UFW). If that’s the case, you may not know this, but the combination of Docker and UFW poses a bit of a security issue. Why? Because Docker actually bypasses UFW and directly alters iptables, such…

If you use Docker on Linux, chances are your system firewall might be relegated to Uncomplicated Firewall (UFW). If that’s the case, you may not know this, but the combination of Docker and UFW poses a bit of a security issue. Why? Because Docker actually bypasses UFW and directly alters iptables, such…

Leave a Reply

Your email address will not be published. Required fields are marked *