Exposing Port 22 (SSH)

• Query id: 5907595b-5b6d-4142-b173-dbb0e73fbff8
• Query name: Exposing Port 22 (SSH)
• Platform: Dockerfile
• Severity: Low
• Category: Best Practices
• URL: Github

Description

Expose only the ports that your application needs and avoid exposing ports like SSH (22)
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - dockerfile file

FROM gliderlabs/alpine:3.3
RUN apk --no-cache add nginx
EXPOSE 3000 80 443 22
CMD ["nginx", "-g", "daemon off;"]

Code samples without security vulnerabilities

Negative test num. 1 - dockerfile file

FROM gliderlabs/alpine:3.3
RUN apk --no-cache add nginx
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]