Ensure not expose SSH Port 22
The EXPOSE
instruction indicates the ports on which a container listens for connections. Consequently, you should use the common, traditional port for your application. For example, an image containing the Apache web server would use EXPOSE 80
, while an image containing MongoDB would use EXPOSE 27017
and so on. Exposing SSH port can be dangers, it can be a groundbreaking for many attack vectors.
Risk Level: informational
Platform: Docker
Spectral Rule ID: DOCKR016
REMEDIATION
In EXPOSE
command remove port 22
FROM gliderlabs/alpine:3.3
RUN apk --no-cache add nginx
- EXPOSE 3000 80 443 22
+ EXPOSE 3000 80 443
CMD ["nginx", "-g", "daemon off;"]
Read more:
Updated over 1 year ago