You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/SECURITY.md
+7-7Lines changed: 7 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,7 +8,7 @@ This includes (but is not limited to):
8
8
- Running NetAlertX only on networks where you have legal authorization
9
9
- Keeping your deployment up to date with the latest patches
10
10
11
-
> NetAlertX is not responsible for misuse, misconfiguration, or insecure deployments. Always test and secure your setup before exposing it to the outside world. Users interacting with the UI are treated as trusted actors within the deployment model. Always properly secure and isolate your deployment before exposing it externally.
11
+
> NetAlertX is not responsible for misuse, misconfiguration, or insecure deployments. Always test and secure your setup before exposing it to the outside world. Users interacting with the UI are treated as trusted actors within the deployment model.
12
12
13
13
# 🔐 Securing Your NetAlertX Instance
14
14
@@ -36,7 +36,7 @@ NetAlertX is designed to be run on **private LANs**, not the open internet.
36
36
37
37
### ✅ Tailscale (Easy VPN Alternative)
38
38
39
-
Tailscale sets up a private mesh network between your devices. It's fast to configure and ideal for NetAlertX.
39
+
Tailscale sets up a private mesh network between your devices. It's fast to configure and ideal for NetAlertX.
40
40
👉 [Get started with Tailscale](https://tailscale.com/)
41
41
42
42
---
@@ -63,19 +63,19 @@ By default, NetAlertX does **not** require login. Before exposing the UI in any
63
63
64
64
## 🔥 Additional Security Measures
65
65
66
-
-**Firewall / Network Rules**
66
+
-**Firewall / Network Rules**
67
67
Restrict UI/API access to trusted IPs only.
68
68
69
-
-**Limit Docker Capabilities**
69
+
-**Limit Docker Capabilities**
70
70
Avoid `--privileged`. Use `--cap-add=NET_RAW` and others **only if required** by your scan method.
71
71
72
-
-**Keep NetAlertX Updated**
72
+
-**Keep NetAlertX Updated**
73
73
Regular updates contain bug fixes and security patches.
74
74
75
-
-**Plugin Permissions**
75
+
-**Plugin Permissions**
76
76
Disable unused plugins. Only install from trusted sources.
77
77
78
-
-**Use Read-Only API Keys**
78
+
-**Use Read-Only API Keys**
79
79
When integrating NetAlertX with other tools, scope keys tightly.
0 commit comments