
⚠️⚠️⚠️⚠️⚠️ Fractal Bitcoin security issues.

Be careful if you are running a @fractal_bitcoin node using the official docker release: the RPC credentials are hardcoded, not configurable via environment variables, and the RPC server is exposed publicly and vulnerable to attacks.

So many bad security practices in this bitcoin conf file.

rpcallowip=0.0.0.0/0
This is the most concerning setting. It allows RPC connections from any IP address, which is very dangerous if exposed to the internet. It effectively opens your node to potential attacks from anywhere.

zmqpubhashblock=tcp://0.0.0.0:8330 and zmqpubrawtx=tcp://0.0.0.0:8331
These settings allow ZeroMQ connections from any IP, which could be a security risk if exposed.

maxconnections=0
This removes the limit on the number of connections, which could potentially lead to resource exhaustion.

To be honest I even thought that I was looking at a scam GitHub repo from a wrong organisation. So I checked your website, and again this is bad because it's not trivial to find your GitHub organisation. It opens the door to a lot of potential scams. After navigating I finally found the GitHub org, and it happened that I was (unfortunately) looking at the right repository. The GitHub org does not even have a link to your website, or at least your logo...

You are exposing node runners to dangerous attacks. This is not serious.
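A checker for the RPC and ZeroMQ settings named in the post, as an added example that is not part of the original post or the project's code: it parses a bitcoin.conf and flags static RPC credentials, an rpcallowip that matches every address, and ZeroMQ publishers bound to a wildcard address. Both sample files are constructed, the credentials are placeholders, and the loopback-only variant assumes every RPC and ZMQ client runs on the node's own host.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample built from the settings quoted in the post; credentials are placeholders.
EXPOSED_CONF = """\
rpcuser=PLACEHOLDER_USER
rpcpassword=PLACEHOLDER_PASSWORD
rpcallowip=0.0.0.0/0
zmqpubhashblock=tcp://0.0.0.0:8330
zmqpubrawtx=tcp://0.0.0.0:8331
"""

# Constructed loopback-only variant (assumption: all clients run on the node's host).
LOCAL_CONF = """\
rpcbind=127.0.0.1
rpcallowip=127.0.0.1
zmqpubhashblock=tcp://127.0.0.1:8330
zmqpubrawtx=tcp://127.0.0.1:8331
"""

WILDCARD_HOSTS = {"0.0.0.0", "::", "*"}

def parse_conf(text):
    """Yield (key, value) pairs, skipping blanks, # comments and [section] headers."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line and not line.startswith("[") and "=" in line:
            key, value = line.split("=", 1)
            yield key.strip(), value.strip()

def audit(text):
    """Return a list of (key, reason) findings for one config file."""
    findings = []
    for key, value in parse_conf(text):
        if key in ("rpcuser", "rpcpassword"):
            findings.append((key, "static RPC credential stored in the config file"))
        elif key == "rpcallowip":
            try:
                net = ipaddress.ip_network(value, strict=False)
            except ValueError:
                findings.append((key, "unparseable value: " + value))
                continue
            if net.prefixlen == 0:  # 0.0.0.0/0 or ::/0 matches every client address
                findings.append((key, "RPC accepts clients from any address"))
        elif key.startswith("zmqpub") and urlsplit(value).hostname in WILDCARD_HOSTS:
            findings.append((key, "ZeroMQ publisher bound to all interfaces"))
    return findings

if __name__ == "__main__":
    for key, reason in audit(EXPOSED_CONF):
        print(key, "->", reason)
```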







