From f56d100ca036a6ad33a8459571e0dd864f4492be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niklas=20Hamb=C3=BCchen?= <mail@nh2.me>
Date: Wed, 4 Mar 2026 12:16:28 +0100
Subject: [PATCH] docs: codebase-indexing: Bind qdrant to 127.0.0.1 for
 security

As explained on

  https://qdrant.tech/documentation/guides/security/#network-bind

it is unwise to make qdrant listen on the public network interface
because then anybody on the local network (or Internet for server)
can abuse it.
---
 docs/features/codebase-indexing.mdx | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/features/codebase-indexing.mdx b/docs/features/codebase-indexing.mdx
index 90ba8bc7..e48c3ced 100644
--- a/docs/features/codebase-indexing.mdx
+++ b/docs/features/codebase-indexing.mdx
@@ -83,7 +83,7 @@ Using Docker:
 docker run -d \
   --name qdrant \
   --restart unless-stopped \
-  -p 6333:6333 \
+  -p 127.0.0.1:6333:6333 \
   -v qdrant_data:/qdrant/storage \
   qdrant/qdrant
 ```
@@ -94,7 +94,7 @@ services:
   qdrant:
     image: qdrant/qdrant
     ports:
-      - "6333:6333"
+      - "127.0.0.1:6333:6333"
     volumes:
       - qdrant_storage:/qdrant/storage
 volumes:
@@ -364,4 +364,4 @@ Planned improvements:
 - Enhanced filtering options
 - Team collaboration features
 - VS Code native search integration
-- Incremental re-indexing optimizations
\ No newline at end of file
+- Incremental re-indexing optimizations