PostgreSQL Database Exposed to the Internet

### **Version:**
- listmonk: latest
- Deployment: Docker  

### **Description of the bug and steps to reproduce:**  
By default, the `docker-compose.yml` configuration exposes PostgreSQL to all network interfaces (`0.0.0.0:5432`), which can lead to unauthorized access if not secured properly.  

### **Steps to reproduce:**  
1. Deploy Listmonk using the default `docker-compose.yml`.  
2. Run the following command to check PostgreSQL's exposure:  
   ```sh
   sudo netstat -tulnp | grep 5432

### **Proposed Fix:**

Modify docker-compose.yml to explicitly bind PostgreSQL to localhost:
   ```sh
   ports:
      - "127.0.0.1:5432:5432"  # Restrict to localhost
```

After applying this change, restart the services:
   ```sh
   docker-compose down
   docker-compose up -d
```
### **Security Verification**  

#### **Run:**  
```sh
sudo netstat -tulnp | grep 5432
```
### **Expected output:**  
```sh
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN


    

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

PostgreSQL Database Exposed to the Internet #2357

Version:

Description of the bug and steps to reproduce:

Steps to reproduce:

Proposed Fix:

Security Verification

Run:

Expected output:

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

PostgreSQL Database Exposed to the Internet #2357

Description

Version:

Description of the bug and steps to reproduce:

Steps to reproduce:

Proposed Fix:

Security Verification

Run:

Expected output:

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions