Docker Community Forums

Docker bypasses UFW security

OS: Ubuntu 20.04.1 LTS
Docker: 20.10.2

Docker bypasses UFW security and opens http port which should be accessible only via openvpn.

Tips like suppressing iptables changes seem not to be the right solution.

Is there any official Docker solution or recommendation? Thanks

Finally I have found this excellent solution. Docker containers are exposed only via openvpn, as required :smiley:

If that’s the case, you may not know this, but the combination of Docker and UFW poses a bit of a security issue. … Because Docker actually bypasses UFW and directly alters iptables, such that a container can bind to a port. This means all those UFW rules you have set won’t apply to Docker containers.

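An audit for the behaviour described in the quoted passage, added here as an example and not part of the original thread: it reads `iptables-save -t nat` output and lists the ports Docker has published through DNAT rules in its `DOCKER` chain, flagging those with no destination address restriction. The sample dump, its addresses and the function names are constructed for illustration, and the rule shape is assumed to match what Docker writes on the host.

```python
import shlex

# Constructed sample of `iptables-save -t nat` output on a Docker host (not from the thread).
SAMPLE_NAT = """\
*nat
:PREROUTING ACCEPT [0:0]
:DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A DOCKER -i docker0 -j RETURN
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 172.17.0.2:80
-A DOCKER -d 10.8.0.1/32 ! -i docker0 -p tcp -m tcp --dport 9000 -j DNAT --to-destination 172.17.0.3:9000
COMMIT
"""


def _opt(tokens, flag):
    """Return the value following `flag` in a tokenised rule, or None if absent."""
    return tokens[tokens.index(flag) + 1] if flag in tokens else None


def published_ports(nat_dump):
    """List every port Docker forwards to a container via DNAT in the DOCKER chain."""
    found = []
    for line in nat_dump.splitlines():
        tokens = shlex.split(line)
        if tokens[:2] != ["-A", "DOCKER"] or _opt(tokens, "-j") != "DNAT":
            continue
        found.append({
            "proto": _opt(tokens, "-p"),
            # No -d match means the rule accepts traffic to any host address.
            "host_ip": _opt(tokens, "-d") or "any",
            "host_port": int(_opt(tokens, "--dport")),
            "target": _opt(tokens, "--to-destination"),
        })
    return found


def unrestricted(nat_dump):
    """Ports reachable on every host address; these need review against the UFW policy."""
    return [p for p in published_ports(nat_dump) if p["host_ip"] == "any"]


if __name__ == "__main__":
    for p in published_ports(SAMPLE_NAT):
        flag = "REVIEW" if p["host_ip"] == "any" else "ok"
        print(f'{flag:6} {p["proto"]} {p["host_ip"]}:{p["host_port"]} -> {p["target"]}')
```

On a real host, feed the function the output of `iptables-save -t nat` run as root instead of `SAMPLE_NAT`.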