Changeset View
Changeset View
Standalone View
Standalone View
doc/JSON-RPC-interface.md
Show First 20 Lines • Show All 54 Lines • ▼ Show 20 Lines | - **Securing remote network access:** You may optionally allow other | ||||
for enabling connections over secure private networks or connections | for enabling connections over secure private networks or connections | ||||
that have been otherwise secured (e.g. using a VPN or port forwarding | that have been otherwise secured (e.g. using a VPN or port forwarding | ||||
with SSH or stunnel). **Do not enable RPC connections over the public | with SSH or stunnel). **Do not enable RPC connections over the public | ||||
Internet.** Although Bitcoin ABC's RPC interface does use | Internet.** Although Bitcoin ABC's RPC interface does use | ||||
authentication, it does not use encryption, so your login credentials | authentication, it does not use encryption, so your login credentials | ||||
are sent as clear text that can be read by anyone on your network | are sent as clear text that can be read by anyone on your network | ||||
path. Additionally, the RPC interface has not been hardened to | path. Additionally, the RPC interface has not been hardened to | ||||
withstand arbitrary Internet traffic, so changing the above settings | withstand arbitrary Internet traffic, so changing the above settings | ||||
to expose it to the Internet (even using something like a Tor hidden | to expose it to the Internet (even using something like a Tor onion | ||||
service) could expose you to unconsidered vulnerabilities. See | service) could expose you to unconsidered vulnerabilities. See | ||||
`bitcoind -help` for more information about these settings and other | `bitcoind -help` for more information about these settings and other | ||||
settings described in this document. | settings described in this document. | ||||
Related, if you use Bitcoin ABC inside a Docker container, you may | Related, if you use Bitcoin ABC inside a Docker container, you may | ||||
need to expose the RPC port to the host system. The default way to | need to expose the RPC port to the host system. The default way to | ||||
do this in Docker also exposes the port to the public Internet. | do this in Docker also exposes the port to the public Internet. | ||||
Instead, expose it only on the host system's localhost, for example: | Instead, expose it only on the host system's localhost, for example: | ||||
▲ Show 20 Lines • Show All 56 Lines • Show Last 20 Lines |