Secure Rasa with on-prem deployment

Hello I’m here to ask a question. we are building a Chatbot platform product (dialog builder) based on Rasa Open Source. Our product will be available as a SaaS & On-Prem. My question here is about the best practices to prevent on-prem customer to use Rasa directly or access it without our builder. Is there any ideas regarding that?

Hi @M.Abdelaziz can you offer some more details about what you’re trying to achieve?

Otherwise, regarding deployment, I invite you to have a look at the documentation; this page also offers information on how to customize Rasa X deployment.

Thank you Anca, we have a chatbot service deployed on docker container, we want to prevent the access to rasa files inside that container. we want to secure rasa content (the files themselves) and prevent the client from accessing or editing them. Any advices from your side?

Just expose only the port of the web server or the rasa API when you run the container, and not the container itself in the host where it is running. You can also mount readonly a container’s volume with the sensitive files. Don’t run container as root user when building the image from Dockerfile.