-
-
Notifications
You must be signed in to change notification settings - Fork 119
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dashboard uses HTTP (where HTTPS should be expected) #77
Comments
Great suggestion - I agree that this should be added in the long term. Right now, Dashboard is still in beta so our main priority is getting feedback so that we can improve the user experience and interface of the main pages. |
If you need HTTPS so desperately, deploy reverse proxy with internal certificates. I suggest and am myself using Caddy also in docker container which is a bit of pain to set up but works wonders once done. |
Describe the bug
The Dashboard is used as an interface to your containers. The Dashboard is protected by a username & password combination.
However, this information is served over an HTTP connection, which suggests the data between the Dashboard container and the web browser is unprotected, resulting in exposing confidential information (login credentials / financial data / others?) to the network.
Steps to reproduce bug
The text was updated successfully, but these errors were encountered: