Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2020/05/10 17:25:08 UTC

[GitHub] [incubator-apisix] Miss-you commented on issue #1455: bug: APISIX Admin API security risks

Miss-you commented on issue #1455:
URL: https://github.com/apache/incubator-apisix/issues/1455#issuecomment-626361078


   Hi, after a previous high-availability solution design, I found it more reasonable to recommend that users use the Admin API and Dashboard as APISIX routing services.

   First, Kubernetes is the case. If the dashboard wants to be accessed, you need to configure an Ingress (corresponding to the APISIX route).
   Second, the default security limit of the Admin API can no longer be just 127.0.0.1, but can also be a common intranet address, such as 10.0.0.0/8, etc.
   Third, the security limit of 127.0.0.1 of the Admin API is not simple enough. Many people found that the Admin API is not available after upgrading APISIX to 1.2, because the default configuration is only accessible through 127.0.0.1.

