From 9093d9cfcce50ffe0c30d27a1224cb756efb6082 Mon Sep 17 00:00:00 2001
From: TiynGER <kantemarten@googlemail.com>
Date: Mon, 13 Apr 2020 17:56:28 +0200
Subject: [PATCH] block ports for nginx added

---
 docker/nginx/description.md | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/docker/nginx/description.md b/docker/nginx/description.md
index f9fd0b0..3a0124b 100644
--- a/docker/nginx/description.md
+++ b/docker/nginx/description.md
@@ -1,9 +1,19 @@
 # Nginx
+
 The easiest way to configure and run nginx is [ncdt](https://github.com/nasourso/nginx-certbot-docker-tui) by nasourso.
 So the first step is downloading it.
 
-```wget https://raw.githubusercontent.com/nasourso/nginx-certbot-docker-tui/master/src/ncdt.sh```
+`wget https://raw.githubusercontent.com/nasourso/nginx-certbot-docker-tui/master/src/ncdt.sh`
 
 You can just run the script and it will install all needed dependencies.
 After that just go ahead and start the container.
 You can then configure reverse proxies by adding websites.
+
+## Block remote port access
+
+If you configured a reverse proxy to a port chances are you don't want the port to be accessed outside of the proxy.
+Especially if you set up a authentication over nginx the open port will avoid the authentication.
+This can be changed at the forwarded docker-service by replacing for example `-p 7000:7000` with `-p 172.17.0.1:7000:7000`.
+This forces the docker container to only expose the port in the docker bridge network, effectively banning remote access.
+
+