Using the 0.0.0.0 address exposes this server to every network interface #673
-
Got below warn messages complaining about security issue:
|
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 4 replies
-
This warning comes from the collector itself. By default, the collector doesn't expose OTLP to external network interfaces. There is more information in the URL linked in the message: https://github.com/open-telemetry/opentelemetry-collector/blob/main/docs/security-best-practices.md#safeguards-against-denial-of-service-attacks |
Beta Was this translation helpful? Give feedback.
-
So is there a way to turn off this warning? By changing the feature gate thing they mention? I don't know what command to use as I'm new to Otel |
Beta Was this translation helpful? Give feedback.
This warning comes from the collector itself. By default, the collector doesn't expose OTLP to external network interfaces.
However, we run the collector as a container and for the service to become available to ports exposed on the container, we must configure the service to run on 0.0.0.0.
There is more information in the URL linked in the message: https://github.com/open-telemetry/opentelemetry-collector/blob/main/docs/security-best-practices.md#safeguards-against-denial-of-service-attacks