Friday, March 13, 2020

Listen address vs. firewall rules

While configuring a server, a question came to my mind: If I don't want a service to be accessible from the network/internet, is it better to set the listen address to 127.0.0.1/::1, to set a firewall rule, or both?

I am aware that firewall rules are much more powerful and allow, for example, making a port reachable from only a handful of addresses, but in this simple case I would like to consider only the scenario where everything except localhost is blocked.

I'm looking forward to your opinions on this matter.


