Critiq Docs
Get started
security.network

Avoid binding to all interfaces

Network-facing services should not explicitly bind to every interface unless public exposure is intentional and protected.

#Metadata

Rule ID
ts.security.bind-to-all-interfaces
Severity
medium
Confidence
0.9
Languages
javascript, typescript
Presets
recommended, security, strict
Stability
stable
Applies to
block
Tags
exposure, network, rules-catalog, security

#Why it matters

Binding to `0.0.0.0` or `::` can expose a service beyond the expected trust boundary and widen the reachable attack surface.

#Remediation

Bind to loopback or a specific interface unless public exposure is an intentional deployment requirement with compensating controls.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.bind-to-all-interfaces.rule.yaml.

Back to registryOpen rule in repository