Consider binding to localhost by default
I think users might be surprised if their box starts running an open proxy by nature of running mitmproxy. I propose changing the default to act like mitmproxy -b 127.0.0.1 instead.
Issue Analytics
- State:
- Created 7 years ago
- Reactions:3
- Comments:10 (5 by maintainers)
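A check for the exposure this issue describes, a mitmproxy listener reachable from other hosts, written as an added example (not part of the original issue or of mitmproxy's code). It parses `ss -ltnp` output and flags mitmproxy-family listeners bound to anything other than loopback; the sample lines, PIDs, ports and addresses are constructed.

```python
import ipaddress
import re

# Constructed sample of `ss -ltnp` output (not captured from a real host).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128          0.0.0.0:8080      0.0.0.0:*     users:(("mitmproxy",pid=4242,fd=6))
LISTEN 0      128        127.0.0.1:8081      0.0.0.0:*     users:(("mitmproxy",pid=4243,fd=6))
LISTEN 0      128             [::]:8082         [::]:*     users:(("mitmdump",pid=4244,fd=6))
LISTEN 0      128            [::1]:8083         [::]:*     users:(("mitmweb",pid=4245,fd=6))
LISTEN 0      128     192.168.1.10:8084      0.0.0.0:*     users:(("mitmproxy",pid=4246,fd=6))
LISTEN 0      4096   127.0.0.53%lo:53        0.0.0.0:*     users:(("systemd-resolve",pid=700,fd=14))
"""

def classify(host):
    """Return 'loopback', 'wildcard' or 'interface' for a bind address."""
    host = host.strip("[]").split("%", 1)[0]  # drop IPv6 brackets and %scope
    if host == "*":                           # ss prints * for a dual-stack wildcard
        return "wildcard"
    addr = ipaddress.ip_address(host)
    if addr.is_loopback:
        return "loopback"
    if addr.is_unspecified:                   # 0.0.0.0 or ::
        return "wildcard"
    return "interface"

def exposed_listeners(ss_output, names=("mitmproxy", "mitmdump", "mitmweb")):
    """List (process, address, port, scope) for non-loopback proxy listeners."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue                          # header or non-listening socket
        host, _, port = fields[3].rpartition(":")
        proc = re.search(r'\(\("([^"]+)"', line)
        name = proc.group(1) if proc else "?"
        scope = classify(host)
        if name in names and scope != "loopback":
            findings.append((name, host, int(port), scope))
    return findings

if __name__ == "__main__":
    for finding in exposed_listeners(SAMPLE_SS):
        print("exposed:", finding)
```

A listener started with -b 127.0.0.1, as the issue proposes for the default, shows up as loopback and is not flagged.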
Top GitHub Comments
Soon after I have started mitmproxy I found it was connected by different external IP addresses. I want to tell you that mitmproxy is just a free open source replacement (and it still misses lots of features) for Telerik Fiddler (which is proprietary) and Fiddler by default disallows remote connections to protect their users. Why the f*ck do you do in the other way? Why the f*ck don’t you send the headers by default with information about the remote hosts using the proxy by default to deter abuse? Are you somehow related to the ones who scan the networks for open mitmproxies to use them?
I’m usually all-for conservative approaches when it comes to security, but in this case I think it is reasonable that, in deliberately starting a known proxy-server including the word proxy in its binary name, you should be willing to accept that by-default this will install an open-proxy server. Hopefully it is sufficient that there is already a mechanism to restrict the address/adapter binding if desired.
My 2c worth.