Section | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Warning |
---|
Potential Points of Infection to avoid when deploying on Internet Do not have VM with ssh access via password. (Public key authentication only. UsePrivilegeSeparation yes. StrictModes yes. PermitRootLogin no OR without-password. HostbasedAuthentication no.) Do not have default or easily guessed credentials. (Plus avoid Tomcat manager. PostgreSQL and InfluxDB only to local Network) Do not have Docker containers build and run like in dev without any further security restrictions. He must pass https://github.com/docker/docker-bench-security |
Prerequisites
Technical prerequisites for customer
...