The Habit That Was The Bug
The article discusses a recurring issue faced by the author with a self-hosted application firewall on a Docker host. The problem arises when Docker restarts its proxy process, leading to silent connection failures due to the firewall's default deny policy. A workaround is implemented to refresh the firewall rules, restoring functionality without needing to restart the container.
- ▪The author experienced repeated connection failures with their self-hosted application due to a conflict between Docker's proxy process and an application firewall.
- ▪When Docker restarts, it spawns a new proxy process with a different PID, which the firewall does not recognize, resulting in dropped connections.
- ▪The author developed a manual workaround that involves reloading the firewall rules to restore connectivity after each container restart.
Opening excerpt (first ~120 words) tap to expand
try { if(localStorage) { let currentUser = localStorage.getItem('current_user'); if (currentUser) { currentUser = JSON.parse(currentUser); if (currentUser.id === 3833964) { document.getElementById('article-show-container').classList.add('current-user-is-article-author'); } } } } catch (e) { console.error(e); } Chris Posted on May 30 • Originally published at mpdc.dev The Habit That Was The Bug #security #selfhosted #docker #linux The first time it happened, I lost 45 minutes diagnosing it. By the tenth or so, I was muscle-memory typing the fix before the symptoms finished registering. That's the moment I should have flagged. I didn't. I just kept typing. THE BITE Ghost went down for 45 minutes. The CMS running mpdc.dev. Site unreachable. docker inspect showed the container healthy.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at DEV.to (Top).
Discussion
0 commentsMore from DEV.to (Top)
