chore: Refactor Dockerfile to expose specific ports for improved security

2024-12-18 15:45:04 +08:00 · 2024-12-18 15:45:04 +08:00 · ead95a61fc
commit ead95a61fc
parent cf879b1378
1 changed files with 2 additions and 2 deletions
--- a/4
+++ b/4
@ -31,8 +31,8 @@ RUN echo btpanel | bt 6 \

 ENTRYPOINT ["/bin/sh","-c","/bt.sh"]

-# 暴漏所有端口
-EXPOSE 0-65535
+# 暴漏指定端口
+EXPOSE 22 80 443 888 3306 8888

 # 健康检查
 HEALTHCHECK --interval=5s --timeout=3s CMD prot="http"; if [ -f "/www/server/panel/data/ssl.pl" ]; then prot="https"; fi; curl -k -i $prot://127.0.0.1:$(cat /www/server/panel/data/port.pl)$(cat /www/server/panel/data/admin_path.pl) | grep -E '(200|404)' || exit 1