Docker Port Exposing: My Real Production Mistake

I’m developing a Bangladesh-based healthcare system, Gooddoktor. Recently, I deployed my backend in a VPS using Docker. I don’t have hardcore DevOps knowledge. I mostly: learn → try → break → fix . I set up nginx for the subdomain, all is ok. So yesterday I randomly tried a port scan on my own server. And guess what? I found multiple OPEN PORTS. Even worse… I could access my project using: http://SERVER_IP:PORT . No domain, no SSL, Nothing. Anyone on the internet could directly access my services. My First Thought I asked ChatGPT: GPT gave firewall rules → I applied them → still accessible. Then I Googled → again firewall → again same result. So clearly, the issue was not the firewall. That means something else was exposing the port. The Real Problem (Docker Did It) In my docker-compose I wrote: ports: - "2525:2525" Looks normal, right? But this line is VERY dangerous in production. What actually happens Docker doesn’t just run inside your machine. When you map a port like this: 2525:2

Docker Port Exposing: My Real Production Mistake

Related Articles

The Feature Took 2 Hours to Build — and 2 Weeks to Fix

Blog 15: SDLC Phase 4 — Testing

Before We Write a Single Data Structure, We Need to Talk

How to implement the Outbox pattern in Go and Postgres

The Hidden Algorithm Behind Google Maps Traffic!!!!

Related Articles

How-To
The Feature Took 2 Hours to Build — and 2 Weeks to Fix
Medium Programming • 3d ago

How-To
Blog 15: SDLC Phase 4 — Testing
Medium Programming • 3d ago

How-To
Before We Write a Single Data Structure, We Need to Talk
Medium Programming • 3d ago

How-To
How to implement the Outbox pattern in Go and Postgres
Lobsters • 3d ago

How-To
The Hidden Algorithm Behind Google Maps Traffic!!!!
Medium Programming • 3d ago