-1

I run a SQL Server as a Docker container. Per default the container allows remote access.

Is there a way to prevent remote access?

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
gartenkralle
  • 646
  • 1
  • 11
  • 21
  • Use a firewall? What do you mean by "remote" as in, connections not from within the container? – Thom A Feb 27 '23 at 15:29
  • What do you currently have set up? How could you access the container remotely? (Do you just need to remove a `docker run -p` or Compose `ports:` option?) – David Maze Feb 27 '23 at 15:30
  • The sql server is accessible from another machine on the internet. Of course I do port mapping because I need access from the host machine via localhost. – gartenkralle Feb 27 '23 at 15:41
  • 1
    *If* a machine on the internet can access it, that means you have port forwarding set on on your router, *and* the firewall is permitting connections on that port; a PC on the internet can't just access your PC unless the right networking requirements are put in place *and* the person on the other PC knows your external IP. – Thom A Feb 27 '23 at 15:45

1 Answers1

1

When you map the port, add 127.0.0.1 as the bound IP address. That will limit access to the mapped port to the host machine.

I.e. do something like

docker run -d -p 127.0.0.1:1433:1433 mcr.microsoft.com/mssql/server:2022-latest
Hans Kilian
  • 18,948
  • 1
  • 26
  • 35