I was looking for a way to secure the Chatscript server since it sits on an open port 1024 to the Internet. 

Since I use an intermediary script to communicate between my web interface and the server, there was no reason to expose it to the public.

I’m not sure if this is in the manual or not, but it would be good to add it to the “Command Line Parameters” in the “server” manual. 

To secure the server, use the ‘interface’ parameter. For example:

./LinuxChatScript interface=127.0.0.1

By default, the interface is assigned to 0.0.0.0, which means it’s open to anyone. 

By setting it to 127.0.0.1, you are only allowing scripts to be ran from the same server as Chatscript.

You can check to see if port 1024 (or any other port that was assigned to CS) by going to:
http://www.yougetsignal.com/tools/open-ports/

Hope that helps!

Are you saying you have every port exposed to the internet? Cant you just assign it to a port NOT open to the internet?
But yes, there is an interface parameter which has not been documented. I can amend the documentation to reflect it in the future.

I suppose I could make sure that specific ports are open using a firewall or iptables.  I’m not really an expert in linux, so I’m probably not doing this correctly.

But yeah you’re right.  The ‘interface=127.0.0.1’ parameter just makes sure it’s only listening internally since it appears my iptables open up port 1024 to the Internet.

What was ‘interface’ intended for?

Bruce Wilcox - Aug 10, 2013:

Are you saying you have every port exposed to the internet? Cant you just assign it to a port NOT open to the internet?
But yes, there is an interface parameter which has not been documented. I can amend the documentation to reflect it in the future.

  Probably that very thing.