Skip to content

Commit

Permalink
docs(deployment): update the description for hostname (#3994)
Browse files Browse the repository at this point in the history
  • Loading branch information
thonatos authored Oct 21, 2019
1 parent 27dacb7 commit adca166
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion docs/source/en/core/deployment.md
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ Arguments of dispatch can be configured in `config.{env}.js`.
exports.cluster = {
listen: {
port: 7001,
hostname: '0.0.0.0',
hostname: '127.0.0.1', // It is not recommended to set the hostname to '0.0.0.0', which will allow connections from external networks and sources, please use it if you know the risk.
// path: '/var/run/egg.sock',
}
}
Expand Down
2 changes: 1 addition & 1 deletion docs/source/zh-cn/core/deployment.md
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ $ egg-scripts start --port=7001 --daemon --title=egg-server-showcase
exports.cluster = {
listen: {
port: 7001,
hostname: '0.0.0.0',
hostname: '127.0.0.1', // 不建议设置 hostname 为 '0.0.0.0',它将允许来自外部网络和来源的连接,请在知晓风险的情况下使用
// path: '/var/run/egg.sock',
}
}
Expand Down

1 comment on commit adca166

@fuxingZhang
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

既然hostname 为 '0.0.0.0'不安全,为什么egg默认情况下监听ipv4(0.0.0.0)和ipv6(::),为什么不监听'127.0.0.1'。

如果默认监听'0.0.0.0'不安全,egg的默认配置就存在安全问题

How To Reproduce

  1. init egg
$ mkdir egg-example && cd egg-example
$ npm init egg --type=simple
$ npm i  
$ npm start 
  1. check port listening
  • in Linux
netstat -an | grep 7001

print

tcp6       0      0 :::7001       :::*       LISTEN 
  • in Windows
netstat -aon | findstr "7001"

print

  TCP    0.0.0.0:7001           0.0.0.0:0              LISTENING       704
  TCP    [::]:7001              [::]:0                 LISTENING       704

Context

  • Node Version: v12.13.1
  • Egg Version: 2.15.1
  • Platform: CentOS 7.6.1810 64bit
  • Platform: Windows 10.0.18362 64bit

结论

  • Linux 和 Windows 下默认监听的都是ipv4(0.0.0.0)和ipv6(::)
  • 文档说明应该和实际情况不一致,相互矛盾

Please sign in to comment.