Hi Darshan, Fauxton, the management GUI is just a web app that uses the CouchDB API that your application uses as well.
The way to secure CouchDB is to secure who has access to the API. Whether or not the management GUI is present makes no difference. For example, if you have an CouchDB API endpoint with hypothetically Fauxton removed, I can just run Fauxton on my machine and point it at your API endpoint. So securing that API endpoint is the one and only correct way of securing access to CouchDB. Best Jan — > On 2. Jul 2020, at 09:09, Mody, Darshan Arvindkumar (Darshan) > <[email protected]> wrote: > > Hi > > We are using CouchDB as the database in our project. One of the concerns from > the Security team is the management GUI which can lead to vulnerabilities > . > Is there a way to disable the management GUI > > Thanks > Darshan
