Exposing Port 22 (SSH)

  • Query id: 5907595b-5b6d-4142-b173-dbb0e73fbff8
  • Query name: Exposing Port 22 (SSH)
  • Platform: Dockerfile
  • Severity: Low
  • Category: Best Practices
  • URL: Github

Description

Expose only the ports that your application needs and avoid exposing ports like SSH (22)
Documentation

Code samples

Code samples with security vulnerabilities

Postitive test num. 1 - dockerfile file
FROM gliderlabs/alpine:3.3
RUN apk --no-cache add nginx
EXPOSE 3000 80 443 22
CMD ["nginx", "-g", "daemon off;"]

Code samples without security vulnerabilities

Negative test num. 1 - dockerfile file
FROM gliderlabs/alpine:3.3
RUN apk --no-cache add nginx
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]