PostgreSQL Database Exposed to the Internet · Issue #2357 · knadh/listmonk · GitHub
PostgreSQL Database Exposed to the Internet #2357
Closed
@turboyz

Version:

  • listmonk: latest
  • Deployment: Docker

Description of the bug and steps to reproduce:

By default, the docker-compose.yml configuration exposes PostgreSQL to all network interfaces (0.0.0.0:5432), which can lead to unauthorized access if not secured properly.

Steps to reproduce:

  1. Deploy Listmonk using the default docker-compose.yml.
  2. Run the following command to check PostgreSQL's exposure:
    sudo netstat -tulnp | grep 5432
    

Proposed Fix:

Modify docker-compose.yml to explicitly bind PostgreSQL to localhost:

ports:
   - "127.0.0.1:5432:5432"  # Restrict to localhost

After applying this change, restart the services:

docker-compose down
docker-compose up -d

Security Verification

Run:

sudo netstat -tulnp | grep 5432

Expected output:

tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN
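
The verification step above, as an added example that is not part of the original issue or of listmonk: a function that reads `netstat -tulnp` output and prints every non-loopback address listening on a given port. It matches the port exactly and covers the IPv6 wildcard (`:::5432`); both sample outputs, including their PIDs and program names, are constructed.

```shell
#!/bin/sh
# Added example, not from the issue. Reads `netstat -tulnp` output on stdin
# and prints every local address listening on PORT that is not loopback.
exposed_listeners() {
    awk -v port="$1" '
    $1 ~ /^(tcp|udp)/ {
        # Column 4 is the local address; the port follows the last colon,
        # which also handles IPv6 forms such as ":::5432" and "::1:5432".
        n = split($4, parts, ":")
        if (parts[n] != port) next            # exact match, unlike grep 5432
        addr = substr($4, 1, length($4) - length(parts[n]) - 1)
        if (addr ~ /^127\./ || addr == "::1") next   # loopback only
        print addr
    }'
}

# Constructed sample: a port published on all interfaces (IPv4 and IPv6),
# plus two lines that a plain `grep 5432` would also match or that are unrelated.
SAMPLE_DEFAULT='Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:5432            0.0.0.0:*               LISTEN      2211/docker-proxy
tcp6       0      0 :::5432                 :::*                    LISTEN      2218/docker-proxy
tcp        0      0 0.0.0.0:15432           0.0.0.0:*               LISTEN      5432/other
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      801/sshd'

# Constructed sample: after binding to 127.0.0.1 as proposed in the issue.
SAMPLE_FIXED='tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      3310/docker-proxy
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      801/sshd'

printf '%s\n' "$SAMPLE_DEFAULT" | exposed_listeners 5432   # prints 0.0.0.0 and ::
printf '%s\n' "$SAMPLE_FIXED"   | exposed_listeners 5432   # prints nothing
```

On a live host, pipe `sudo netstat -tulnp` into `exposed_listeners 5432`; empty output means PostgreSQL is reachable only via loopback.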


    

Labels: bug