(blogs.cisco.com)

166 points rldjbpin | 1 comments | 03 Sep 25 08:18 UTC | HN request time: 0.314s | source

Show context

alexandru_m ◴[03 Sep 25 10:25 UTC] No.45114142[source]▶

Apparently, protecting the API is not planned: https://github.com/ollama/ollama/issues/849

For my own purposes I either restrict ollama's ports in the firewall, or I put some proxy in front of it that blocks access of some header with some predefined api key is not present. Kind of clunky, but it works.

replies(5): >>45114147 #>>45114943 #>>45114992 #>>45117832 #>>45120566 #

1. kaptainscarlet ◴[03 Sep 25 12:37 UTC] No.45114992[source]▶

>>45114142 #

You can easily protect the api with nginx basic auth

↑

Finding thousands of exposed Ollama instances using Shodan