I am going to run my nginx:stable-alpine web server in Docker, with DNAT port forwarding from my router and expose it to the Internet.
I would like to learn how to protect my lan environment from possible attackers, who can launch zero-days attacks on Nginx and take over the container.
The container will be run as follows:
docker run -d -p 32768:80 -p 32769:443 nginx:stable-alpine
And I want to close any outbound traffic from the container.
My first thought was that I would have to implement fw rules on Synology and ensure I have a have the right interface set up for the container (not bridge).
Any thoughts?
Tx
I would like to learn how to protect my lan environment from possible attackers, who can launch zero-days attacks on Nginx and take over the container.
The container will be run as follows:
docker run -d -p 32768:80 -p 32769:443 nginx:stable-alpine
And I want to close any outbound traffic from the container.
My first thought was that I would have to implement fw rules on Synology and ensure I have a have the right interface set up for the container (not bridge).
Any thoughts?
Tx