Default host to localhost when in development mode.
* Running Rack apps on 0.0.0.0 in development mode will allow malicious users on the local network (ex: Coffee Shop) to abuse or potentially exploit the app. Safer to default host to localhost when in development mode.
1 parent 189bce4, commit 0f9a959
Showing 2 changed files with 2 additions and 2 deletions.
Don't most, if not all Firewalls block incoming by default?
@envygeeks, not everyone runs a[n enabled] firewall. A default Debian installation does not feature one, for example. Not sure about OS X.
@whitequark The default Debian install does come with a packet filter and most sysadmins who use Debian would have already added:
as one of the first things they do on their clean system... I too do not know about OS X. On Ubuntu you need only type:
on Windows I believe you need do nothing special because its Firewall is enabled by default if I remember.
Also not sure about OSX or Windows. Do they block all incoming connections, or only certain port ranges?
@envygeeks, the key word is "sysadmins". We're talking about developers here.
I just checked my Windows laptop and it looks like on Windows it defaults to blocking based on application so by default it allows no incoming connections that are not related, unless it's networking (router communication and such) and if you choose home it will allow sharing and all that junk.
@whitequark fair enough, that's a good point.
FWIW, even though Ubuntu/Fedora started shipping with connection-tracking firewalls, they still run internal services on 127.0.0.1.
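
Whether or not a firewall is present, a developer can check which listeners on their machine are bound beyond loopback, which is the exposure the commit message describes for 0.0.0.0. The following is an added example, not part of the commit or of any comment in the thread; the `ss -ltn` sample is constructed and the helper names are hypothetical.

```ruby
require "ipaddr"

# Constructed sample of `ss -ltnH` output (not captured from a real host).
# Columns: State Recv-Q Send-Q Local-Address:Port Peer-Address:Port
SAMPLE_SS = <<~OUT
  LISTEN 0 128     127.0.0.1:5432  0.0.0.0:*
  LISTEN 0 1024      0.0.0.0:9292  0.0.0.0:*
  LISTEN 0 1024    127.0.0.1:3000  0.0.0.0:*
  LISTEN 0 128          [::]:8080     [::]:*
  LISTEN 0 128         [::1]:6379     [::]:*
  LISTEN 0 128             *:4567        *:*
  LISTEN 0 128  192.168.1.23:8000  0.0.0.0:*
OUT

# Split "addr:port" on the last colon; drop IPv6 brackets and any %iface scope.
def split_local(local)
  host, _, port = local.rpartition(":")
  [host.delete("[]").sub(/%.*\z/, ""), Integer(port)]
end

# :loopback, :wildcard (all interfaces) or :specific (one non-loopback address).
def classify(host)
  return :wildcard if host == "*"
  ip = IPAddr.new(host)
  return :loopback if ip.loopback?
  return :wildcard if ip.to_i.zero? # 0.0.0.0 or ::
  :specific
end

# Returns the listeners that other hosts on the network can reach.
def exposed_listeners(ss_output)
  ss_output.each_line.filter_map do |line|
    fields = line.split
    next unless fields[0] == "LISTEN" && fields.size >= 5
    host, port = split_local(fields[3])
    scope = classify(host)
    { host: host, port: port, scope: scope } unless scope == :loopback
  end
end

if __FILE__ == $PROGRAM_NAME
  exposed_listeners(SAMPLE_SS).each do |l|
    puts format("%-9s %s port %d", l[:scope], l[:host], l[:port])
  end
end
```

On a real machine, pass the output of `ss -ltnH` to `exposed_listeners` instead of the sample; an empty result means every TCP listener is loopback-only.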