couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Hammant <p...@hammant.org>
Subject Re: CouchDB in the cloud - security assessment from dev team?
Date Sat, 27 May 2017 09:49:57 GMT
Jan,

Looking at https://docs.bitnami.com/general/infrastructure/couchdb/ they're
making an admin account by default, which implies that ransomware stuff
won't happen simply because admin-party-mode == true

The documentation recommends the reader should edit local.ini in three
places. One to get it to accept connections from something other than
127.0.0.1, another for changing the admin password, and the last to setup
HTTPS (with certs).

>From a DevOps point of view, scripts would be better:
 openCouchUpFrom127001ToAll.sh, chgCouchAdminPassword.sh and alike.

I'll do some more checking.

Regards,

- Paul

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message