How to get rid of " WARNING: the RPC server is not safe to expose to untrusted networks such as the public internet" #24744

issue juxeii opened this issue on April 3, 2022
  1. juxeii commented at 8:50 AM on April 3, 2022: none

    I am using the container kylemanna. In the bitcoin.conf I have one entry rpcallowip=192.168.1.0/24

    Logs are:

    + cat /bitcoin/.bitcoin/bitcoin.conf
+ echo 'Initialization completed successfully'
rpcallowip=192.168.1.0/24Initialization completed successfully
+ [ 0 -eq 0 ]
+ set -- -rpcbind=:8332 -rpcallowip=0.0.0.0/0
+ exec bitcoind -rpcbind=:8332 -rpcallowip=0.0.0.0/0
2022-04-03T08:38:57Z Bitcoin Core version v22.0.0 (release build)
2022-04-03T08:38:57Z Assuming ancestors of block 00000000000000000008a89e854d57e5667df88f1cdef6fde2fbca1de5b639ad have valid signatures.
2022-04-03T08:38:57Z Setting nMinimumChainWork=00000000000000000000000000000000000000001fa4663bbbe19f82de910280
2022-04-03T08:38:57Z Using the 'shani(1way,2way)' SHA256 implementation
2022-04-03T08:38:57Z Using RdSeed as additional entropy source
2022-04-03T08:38:57Z Using RdRand as an additional entropy source
2022-04-03T08:38:57Z Default data directory /bitcoin/.bitcoin
2022-04-03T08:38:57Z Using data directory /bitcoin/.bitcoin
2022-04-03T08:38:57Z Config file: /bitcoin/.bitcoin/bitcoin.conf
2022-04-03T08:38:57Z Config file arg: rpcallowip="192.168.1.0/24"
2022-04-03T08:38:57Z Config file arg: txindex="1"
2022-04-03T08:38:57Z Command-line arg: rpcallowip="0.0.0.0/0"
2022-04-03T08:38:57Z Command-line arg: rpcbind=****
2022-04-03T08:38:57Z Using at most 125 automatic connections (1048576 file descriptors available)
2022-04-03T08:38:57Z Using 16 MiB out of 32/2 requested for signature cache, able to store 524288 elements
2022-04-03T08:38:57Z Using 16 MiB out of 32/2 requested for script execution cache, able to store 524288 elements
2022-04-03T08:38:57Z Script verification uses 1 additional threads
2022-04-03T08:38:57Z scheduler thread start
2022-04-03T08:38:57Z WARNING: the RPC server is not safe to expose to untrusted networks such as the public internet

    I am trying to get rid of the RPC server warning with many attempts playing with rpcallowip and rpcbind, but the warning keeps popping up.

    How can I have a local LAN connection to the RPC server only? Which settings do I need to put into bitcoin.conf to get rid of the warning?

    Which commands take precedence? The cli commands of the container, or my settings in bitcoin.conf?

  2. juxeii commented at 9:16 AM on April 3, 2022: none

    Answering my own question. I changed the docker-compose to

    version: '2'
services:
  bitcoind:
    image: kylemanna/bitcoind:latest
    ports:
      - 8333:8333
      - 127.0.0.1:8332:8332
    volumes:
      - /volume1/docker/bitcoin:/bitcoin/.bitcoin
    command: 
      bash -c "bitcoind -printtoconsole"

    And the bitcoin.conf to

    txindex=1
rpcallowip=192.168.1.0/24
rpcbind=127.0.0.1

    All warnings are gone now and I can issue commands like bitcoin-cli -getinfo without problems. Not sure if these settings make sense, but they are working for now.

    Finally, here is the startup log:

    2022-04-03T09:10:42Z Bitcoin Core version v22.0.0 (release build)
2022-04-03T09:10:42Z Assuming ancestors of block 00000000000000000008a89e854d57e5667df88f1cdef6fde2fbca1de5b639ad have valid signatures.
2022-04-03T09:10:42Z Setting nMinimumChainWork=00000000000000000000000000000000000000001fa4663bbbe19f82de910280
2022-04-03T09:10:42Z Using the 'shani(1way,2way)' SHA256 implementation
2022-04-03T09:10:42Z Using RdSeed as additional entropy source
2022-04-03T09:10:42Z Using RdRand as an additional entropy source
2022-04-03T09:10:42Z Default data directory /bitcoin/.bitcoin
2022-04-03T09:10:42Z Using data directory /bitcoin/.bitcoin
2022-04-03T09:10:42Z Config file: /bitcoin/.bitcoin/bitcoin.conf
2022-04-03T09:10:42Z Config file arg: rpcallowip="192.168.1.0/24"
2022-04-03T09:10:42Z Config file arg: rpcbind=****
2022-04-03T09:10:42Z Config file arg: txindex="1"
2022-04-03T09:10:42Z Command-line arg: printtoconsole=""
2022-04-03T09:10:42Z Using at most 125 automatic connections (1048576 file descriptors available)
2022-04-03T09:10:42Z Using 16 MiB out of 32/2 requested for signature cache, able to store 524288 elements
2022-04-03T09:10:42Z Using 16 MiB out of 32/2 requested for script execution cache, able to store 524288 elements
2022-04-03T09:10:42Z Script verification uses 1 additional threads
2022-04-03T09:10:42Z scheduler thread start
2022-04-03T09:10:42Z HTTP: creating work queue of depth 16
2022-04-03T09:10:42Z Using random cookie authentication.
2022-04-03T09:10:42Z Generated RPC authentication cookie /bitcoin/.bitcoin/.cookie
2022-04-03T09:10:42Z HTTP: starting 4 worker threads
2022-04-03T09:10:42Z Using wallet directory /bitcoin/.bitcoin
2022-04-03T09:10:42Z init message: Verifying wallet(s)…
2022-04-03T09:10:42Z init message: Loading banlist…
2022-04-03T09:10:42Z SetNetworkActive: true
2022-04-03T09:10:42Z Using /16 prefix for IP bucketing
2022-04-03T09:10:42Z Cache configuration:
2022-04-03T09:10:42Z * Using 2.0 MiB for block index database
2022-04-03T09:10:42Z * Using 56.0 MiB for transaction index database
2022-04-03T09:10:42Z * Using 8.0 MiB for chain state database
2022-04-03T09:10:42Z * Using 384.0 MiB for in-memory UTXO set (plus up to 286.1 MiB of unused mempool space)
2022-04-03T09:10:42Z init message: Loading block index…
2022-04-03T09:10:42Z Switching active chainstate to Chainstate [ibd] @ height -1 (null)
2022-04-03T09:10:42Z Opening LevelDB in /bitcoin/.bitcoin/blocks/index
2022-04-03T09:10:42Z Opened LevelDB successfully
2022-04-03T09:10:42Z Using obfuscation key for /bitcoin/.bitcoin/blocks/index: 0000000000000000
2022-04-03T09:10:53Z LoadBlockIndexDB: last block file = 2984
2022-04-03T09:10:53Z LoadBlockIndexDB: last block file info: CBlockFileInfo(blocks=67, size=64923785, heights=730154...730220, time=2022-04-02...2022-04-03)
2022-04-03T09:10:53Z Checking all blk files are present...
2022-04-03T09:10:53Z Opening LevelDB in /bitcoin/.bitcoin/chainstate
2022-04-03T09:10:53Z Opened LevelDB successfully
2022-04-03T09:10:53Z Using obfuscation key for /bitcoin/.bitcoin/chainstate: 56f4126eb434d41e
2022-04-03T09:10:54Z Loaded best chain: hashBestChain=0000000000000000000310e42d8fbcbe9799e297892fb42d1706dedf09a9cd57 height=730220 date=2022-04-03T08:56:55Z progress=0.999997
2022-04-03T09:10:54Z init message: Verifying blocks…
2022-04-03T09:10:54Z Verifying last 6 blocks at level 3
2022-04-03T09:10:54Z [0%]...[16%]...[33%]...[50%]...[66%]...[83%]...[99%]...[DONE].
2022-04-03T09:11:00Z No coin database inconsistencies in last 6 blocks (6589 transactions)
2022-04-03T09:11:00Z  block index           17470ms
2022-04-03T09:11:00Z Opening LevelDB in /bitcoin/.bitcoin/indexes/txindex
2022-04-03T09:11:00Z Opened LevelDB successfully
2022-04-03T09:11:00Z Using obfuscation key for /bitcoin/.bitcoin/indexes/txindex: 0000000000000000
2022-04-03T09:11:00Z txindex thread start
2022-04-03T09:11:00Z loadblk thread start
2022-04-03T09:11:00Z block tree size = 730240
2022-04-03T09:11:00Z nBestHeight = 730220
2022-04-03T09:11:00Z Syncing txindex with block chain from height 416439
2022-04-03T09:11:00Z Bound to 127.0.0.1:8334
2022-04-03T09:11:00Z Bound to [::]:8333
2022-04-03T09:11:00Z torcontrol thread start
2022-04-03T09:11:00Z Bound to 0.0.0.0:8333
2022-04-03T09:11:00Z init message: Loading P2P addresses…
2022-04-03T09:11:00Z Leaving InitialBlockDownload (latching to false)
2022-04-03T09:11:01Z Loaded 66237 addresses from peers.dat  251ms
2022-04-03T09:11:01Z Loaded 2 addresses from "anchors.dat"
2022-04-03T09:11:01Z 2 block-relay-only anchors will be tried for connections.
2022-04-03T09:11:01Z init message: Starting network threads…
2022-04-03T09:11:01Z init message: Done loading
2022-04-03T09:11:01Z addcon thread start
2022-04-03T09:11:01Z opencon thread start
2022-04-03T09:11:01Z msghand thread start
2022-04-03T09:11:01Z dnsseed thread start
2022-04-03T09:11:01Z Waiting 300 seconds before querying DNS seeds.
2022-04-03T09:11:01Z net thread start
2022-04-03T09:11:01Z New outbound peer connected: version: 70016, blocks=730220, peer=4 (block-relay-only)
2022-04-03T09:11:02Z New outbound peer connected: version: 70016, blocks=730220, peer=5 (block-relay-only)
2022-04-03T09:11:14Z New outbound peer connected: version: 70016, blocks=730220, peer=9 (outbound-full-relay)
2022-04-03T09:11:15Z New outbound peer connected: version: 70016, blocks=730220, peer=10 (outbound-full-relay)
2022-04-03T09:11:15Z New outbound peer connected: version: 70015, blocks=730220, peer=11 (outbound-full-relay)
2022-04-03T09:11:27Z Imported mempool transactions from disk: 4311 succeeded, 0 failed, 0 expired, 0 already there, 0 waiting for initial broadcast
2022-04-03T09:11:27Z loadblk thread exit
2022-04-03T09:11:28Z New outbound peer connected: version: 70015, blocks=730220, peer=17 (outbound-full-relay)
2022-04-03T09:11:29Z New outbound peer connected: version: 70015, blocks=730220, peer=18 (outbound-full-relay)
2022-04-03T09:11:31Z Syncing txindex with block chain from height 416752
2022-04-03T09:11:34Z P2P peers available. Skipped DNS seeding.
2022-04-03T09:11:34Z dnsseed thread exit
2022-04-03T09:11:35Z New outbound peer connected: version: 70016, blocks=730220, peer=23 (outbound-full-relay)
2022-04-03T09:11:36Z New outbound peer connected: version: 70016, blocks=730220, peer=24 (outbound-full-relay)
2022-04-03T09:11:36Z New outbound peer connected: version: 70016, blocks=730220, peer=25 (outbound-full-relay)
2022-04-03T09:11:38Z New outbound peer connected: version: 70013, blocks=730220, peer=27 (outbound-full-relay)
2022-04-03T09:11:39Z New outbound peer connected: version: 70016, blocks=730220, peer=26 (outbound-full-relay)
2022-04-03T09:12:00Z New outbound peer connected: version: 70016, blocks=730220, peer=33 (outbound-full-relay)
2022-04-03T09:12:01Z New outbound peer connected: version: 70016, blocks=730220, peer=35 (outbound-full-relay)
2022-04-03T09:12:01Z New outbound peer connected: version: 70016, blocks=730220, peer=37 (outbound-full-relay)
2022-04-03T09:12:13Z New outbound peer connected: version: 70016, blocks=730220, peer=41 (outbound-full-relay)
2022-04-03T09:12:52Z Syncing txindex with block chain from height 417553
2022-04-03T09:13:23Z Syncing txindex with block chain from height 418401
2022-04-03T09:15:14Z Syncing txindex with block chain from height 419190
  3. juxeii closed this on Apr 3, 2022
  4. fanquake locked this on Apr 11, 2022
Contributors
juxeii
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-15 15:13 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me