controlSocket('192.0.2.53:5199')
-Exposing the console to the network without encryption enabled is not recommended. To enable encryption, first generate a key with :func:`makeKey`::
+Enabling the console without encryption enabled is not recommended. To enable encryption, first generate a key with :func:`makeKey`::
$ ./dnsdist -l 127.0.0.1:5300
[..]
setConsoleACL('192.0.2.0/24')
The default value is '127.0.0.1', restricting the use of the console to local users. Please make sure that encryption is enabled
-before using :func:`addConsoleACL` or :func:`setConsoleACL` to allow connection from remote clients.
+before using :func:`addConsoleACL` or :func:`setConsoleACL` to allow connection from remote clients. Even if the console is
+restricted to local users, the use of encryption is still strongly advised to prevent unauthorized local users from connecting to
+the console.
Bind to ``addr`` and listen for a connection for the console. Since 1.3.0 only connections from local users are allowed
by default, :func:`addConsoleACL` and :func:`setConsoleACL` can be used to enable remote connections. Please make sure
- that encryption has been enabled with :func:`setKey` before doing so.
+ that encryption has been enabled with :func:`setKey` before doing so. Enabling encryption is also strongly advised for
+ local connections, since not enabling it allows any local user to connect to the console.
:param str address: An IP address with optional port. By default, the port is 5199.
projects / pdns / commitdiff