From c3c710cd1d7738ed8d60352089a6080d396bbae0 Mon Sep 17 00:00:00 2001 From: Daniele Pintore Date: Tue, 9 Sep 2025 23:01:51 +0200 Subject: [PATCH 1/2] docs: add docs on how to disable the published port --- apps/docs/content/docs/core/installation.mdx | 23 ++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/apps/docs/content/docs/core/installation.mdx b/apps/docs/content/docs/core/installation.mdx index 5b3dfa9..d173190 100644 --- a/apps/docs/content/docs/core/installation.mdx +++ b/apps/docs/content/docs/core/installation.mdx @@ -73,6 +73,11 @@ After running the installation script, Dokploy and its dependencies will be set Open your web browser and navigate to `http://your-ip-from-your-vps:3000`. You will be directed to the initial setup page where you can configure the administrative account for Dokploy. + + **Important:** Ensure that your server's firewall allows traffic on port + 3000 to access the Dokploy web interface. + + ### Initial Configuration 1. **Create an Admin Account:** Fill in the necessary details to set up your administrator account. This account will be the admin account for Dokploy. @@ -86,3 +91,21 @@ Open your web browser and navigate to `http://your-ip-from-your-vps:3000`. You w alt="home og image" className="rounded-lg" /> + +### Secure Your Installation +After setting up your admin account, it's crucial to secure your Dokploy installation. +The first thing to do is to **enable HTTPS:** +You need to go to **Web Server** > **Server Domain** and add your domain, then enable the **HTTPS** toggle and select the certificate provider you want to use. + + + If you are using Cloudflare origin certificates, once you have added the certificate, make sure to set the certificate provider to `None` in your domain settings. + + +### Disable access via ip:port (Optional but Recommended) +To enhance security, it's advisable to restrict access to Dokploy via the server's IP address and port. This can be achieved by running this command on the server: + +```bash +docker service update --publish-rm "published=3000,target=3000,mode=host" dokploy +``` +To further secure your installation, consider reading the [Security recommendations](/docs/core/multi-server/security#security-recommendations) section. + From 8576a3c58b60c3e146ea591e2d8eb63e6d346ec5 Mon Sep 17 00:00:00 2001 From: Mauricio Siu Date: Sun, 30 Nov 2025 01:52:53 -0600 Subject: [PATCH 2/2] docs: enhance installation instructions for securing Dokploy - Updated the section on securing the installation by enabling HTTPS, including a reference to the Domains documentation for SSL/TLS configuration. - Added a warning about the importance of having a working domain with HTTPS before disabling IP:port access. - Clarified the steps to disable IP:port access after verifying domain functionality. --- apps/docs/content/docs/core/installation.mdx | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/apps/docs/content/docs/core/installation.mdx b/apps/docs/content/docs/core/installation.mdx index d173190..bf7359a 100644 --- a/apps/docs/content/docs/core/installation.mdx +++ b/apps/docs/content/docs/core/installation.mdx @@ -93,19 +93,22 @@ Open your web browser and navigate to `http://your-ip-from-your-vps:3000`. You w /> ### Secure Your Installation -After setting up your admin account, it's crucial to secure your Dokploy installation. -The first thing to do is to **enable HTTPS:** -You need to go to **Web Server** > **Server Domain** and add your domain, then enable the **HTTPS** toggle and select the certificate provider you want to use. +After setting up your admin account, it's crucial to secure your Dokploy installation by enabling HTTPS. + +To configure a domain with SSL/TLS certificates for your Dokploy panel, please refer to the [Domains](/docs/core/domains) section where you'll find detailed instructions for different SSL configurations including Let's Encrypt, Cloudflare, and custom certificates. + +### Disable access via ip:port (Optional but Recommended) +To enhance security, it's advisable to restrict access to Dokploy via the server's IP address and port. - If you are using Cloudflare origin certificates, once you have added the certificate, make sure to set the certificate provider to `None` in your domain settings. + **Important:** Before disabling IP:port access, make sure you have configured a domain with HTTPS working properly. Otherwise, you will lose access to your Dokploy installation. See the [Domains](/docs/core/domains) section to set this up first. -### Disable access via ip:port (Optional but Recommended) -To enhance security, it's advisable to restrict access to Dokploy via the server's IP address and port. This can be achieved by running this command on the server: +Once you have verified that your domain is working correctly, you can disable IP:port access by running this command on the server: ```bash docker service update --publish-rm "published=3000,target=3000,mode=host" dokploy ``` + To further secure your installation, consider reading the [Security recommendations](/docs/core/multi-server/security#security-recommendations) section.