Results 1 to 2 of 2

Thread: What are the consequences of deploying flask application via 0.0.0.0

  1. #1
    Join Date
    Sep 2019
    Beans
    12

    What are the consequences of deploying flask application via 0.0.0.0

    What are the consequences if I deploy a flask application via 0.0.0.0:5000?

    Are there security practices that you could advice me during the deployement of a flask application?

    https://en.wikipedia.org/wiki/Flask_(web_framework)

  2. #2
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu Mate 16.04 Xenial Xerus

    Re: What are the consequences of deploying flask application via 0.0.0.0

    Quote Originally Posted by jenniferruurs View Post
    What are the consequences if I deploy a flask application via 0.0.0.0:5000?

    Are there security practices that you could advice me during the deployement of a flask application?

    https://en.wikipedia.org/wiki/Flask_(web_framework)
    Too many practices to even touch on the basics in a forum like this. There are probably a thousand things that need to be done in the application and another thousand things that need to be done on the infrastructure to aid with being more secure.

    #1 only allow the minimal access required to accomplish any specific task to the individual who is authorized to perform that task. Start with that. Don't allow anyone access to a task who doesn't have a requirement to perform that task. It is a very simple idea, but the implementation goes through every layer from the WAN firewall, reverse proxy, server firewall, webapp, and DB servers. That is at least 5 layers of security for every :action: URL, when implemented following best practices.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •