Skip to content

fix(docker): Restrict falco-webui service to local access only#3838

Merged
poiana merged 1 commit intofalcosecurity:masterfrom
qux-bbb:patch-1
May 5, 2026
Merged

fix(docker): Restrict falco-webui service to local access only#3838
poiana merged 1 commit intofalcosecurity:masterfrom
qux-bbb:patch-1

Conversation

@qux-bbb
Copy link
Copy Markdown
Contributor

@qux-bbb qux-bbb commented Mar 28, 2026

Change the port binding of the falco-webui service from public access to local access only (127.0.0.1) to enhance security.

What type of PR is this?

Uncomment one (or more) /kind <> lines:

/kind bug

/kind cleanup

/kind design

/kind documentation

/kind failing-test

/kind feature

/kind release

Any specific area of the project related to this PR?

Uncomment one (or more) /area <> lines:

/area build

/area engine

/area tests

/area proposals

/area CI

What this PR does / why we need it:
Restricts the falco-webui service port binding from public access to local access only (127.0.0.1) to enhance security. This ensures the web UI is only accessible from the host machine, reducing the attack surface.

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

Does this PR introduce a user-facing change?:
NONE

fix(docker): Restrict falco-webui service to local access only

@qux-bbb
fix(docker): Restrict falco-webui service to local access only
7b713f2 
Change the port binding of the falco-webui service from public access to local access only (127.0.0.1) to enhance security.

Signed-off-by: qux-bbb <1147635419@qq.com>
@poiana poiana requested review from Kaizhe and irozzo-1A March 28, 2026 14:43
@poiana
Copy link
Copy Markdown
Contributor

poiana commented Mar 28, 2026

Welcome @qux-bbb! It looks like this is your first PR to falcosecurity/falco 🎉

@poiana poiana added the size/XS label Mar 28, 2026
@ekoops
Copy link
Copy Markdown
Contributor

ekoops commented May 4, 2026

PR looks good! Closing and re-opening this as it seems CI didn't run

@ekoops ekoops closed this May 4, 2026
@github-project-automation github-project-automation Bot moved this from Todo to Done in Falco Roadmap May 4, 2026
@ekoops
Copy link
Copy Markdown
Contributor

ekoops commented May 4, 2026

/reopen

@poiana poiana reopened this May 4, 2026
@poiana
Copy link
Copy Markdown
Contributor

poiana commented May 4, 2026

@ekoops: Reopened this PR.

Details

In response to this:

/reopen

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@github-project-automation github-project-automation Bot moved this from Done to In progress in Falco Roadmap May 4, 2026
@ekoops
Copy link
Copy Markdown
Contributor

ekoops commented May 4, 2026

/close

@poiana poiana closed this May 4, 2026
@poiana
Copy link
Copy Markdown
Contributor

poiana commented May 4, 2026

@ekoops: Closed this PR.

Details

In response to this:

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@github-project-automation github-project-automation Bot moved this from In progress to Done in Falco Roadmap May 4, 2026
@ekoops
Copy link
Copy Markdown
Contributor

ekoops commented May 4, 2026

/reopen

@poiana poiana reopened this May 4, 2026
@poiana
Copy link
Copy Markdown
Contributor

poiana commented May 4, 2026

@ekoops: Reopened this PR.

Details

In response to this:

/reopen

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@github-project-automation github-project-automation Bot moved this from Done to In progress in Falco Roadmap May 4, 2026
ekoops
ekoops approved these changes May 4, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@ekoops ekoops left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@poiana poiana added the lgtm label May 4, 2026
@poiana
Copy link
Copy Markdown
Contributor

poiana commented May 4, 2026

LGTM label has been added.

DetailsGit tree hash: 4b533bf0b380a0191be2af9174869e9910909392

@ekoops ekoops added this to the 0.44.0 milestone May 4, 2026
@poiana poiana added the approved label May 4, 2026
@poiana
Copy link
Copy Markdown
Contributor

poiana commented May 5, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ekoops, leogr, qux-bbb

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@poiana poiana merged commit cd1a862 into falcosecurity:master May 5, 2026
32 checks passed
@github-project-automation github-project-automation Bot moved this from In progress to Done in Falco Roadmap May 5, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@leogr leogr leogr approved these changes

@ekoops ekoops ekoops approved these changes

@irozzo-1A irozzo-1A Awaiting requested review from irozzo-1A

@Kaizhe Kaizhe Awaiting requested review from Kaizhe

Assignees

@leogr leogr

@ekoops ekoops

Labels

approved area/build dco-signoff: yes kind/bug lgtm release-note size/XS

Projects

Falco Roadmap
Status: Done

Milestone

0.44.0

Development

Successfully merging this pull request may close these issues.

4 participants

@qux-bbb @poiana @ekoops @leogr