Hello guys, I’m have little to no experience when i have to deal with networking or cybersecurity.

I recently created a backend RESTful API on my Ubuntu VM on my personal desktop and dockerized the app, connecting it to a bridge network named ‘tunnel.’ I also have the Cloudflare Docker hosted in the same ‘tunnel’ network, which allows my local RESTful API Docker to be accessible via my domain and exposed to the internet.

Can anyone help me understand if this setup poses any security risks to my home network?

If so, what should I do to help reduce the risk? I have read that firewall helps, but does a restful api container developed with golang requires it?

  • pentesticals@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Stick your services in a DMZ. It’s easy to setup with PFSense. Don’t allow traffic from your service to anywhere that it shouldn’t go. If your API contains any vulnerabilities, they could be abused to pivot into the internal network. Now, it’s not likely, but it’s certainly possible. Especially if those APIs are from someone open source project or something, if a vuln gets discovered it’s likely to be targeted en-mass.

    • Sheeesssshhhhhh@alien.topOPB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Ahhh, got it. I think implementing DMZs and having additional hardware to run my services seems to be the safest option. But yea, thanks alot!