Hacker News new | ask | show | jobs
by SJC_Hacker 314 days ago
Easiest way to make it safe is

1) Run it in a container

2) Isolate it through a reverse proxy, probably nginx
2 comments
integralid 313 days ago
This doesn't make it safe. It can still be exploited and used to join a botnet, as a proxy, to mine cryptocurrency, to spy on requests or redirect users to malicious websites or phish them, to host malware...
link
SJC_Hacker 313 days ago
Maybe but at least the damage is isolated … can always just restart container

Also I’m curious how a bonnet can get through a container … outgoing connections should be blocked by default

link
antonvs 313 days ago
3) Deploy on a cloud provider’s managed Kubernetes behind a WAF. Now it’s web scale!
link