How to Secure Your ChatGPT‑Web Deployment from Free API Exploits

Since OpenAI released the GPT API, many have deployed the open‑source ChatGPT‑web project to run their own ChatGPT sites.

The default front‑end title of the project is “ChatGPT Web”. This makes the sites easily discoverable by internet asset search engines such as FOFA and Shodan, which can query titles, domains, IPs, ports, headers, and more.

Attackers can locate these sites, and if no authentication is configured (the default is none), they can freely use the underlying OpenAI API, causing owners to incur unexpected costs.

How attackers find the sites

Asset search engines continuously scan the internet for servers, routers, cameras, printers and web applications. By searching for the title “ChatGPT Web”, thousands of deployments are returned within seconds.

Without a password protection, anyone can send requests to the API through the discovered site.

Mitigation steps

1. Edit index.html and change the page title to something that does not contain “ChatGPT”.

2. Set an authentication secret ( AUTH_SECRET_KEY ) in the configuration to require a password.

If you run the backend yourself, add AUTH_SECRET_KEY to the .env file under the service directory. If you use Docker Compose, add the variable to docker-compose.yml in the docker-compose folder.

After enabling password protection, the login page appears, blocking most casual attempts.

Conclusion

Site owners must assume that their deployments can be discovered and should apply basic security measures immediately. Developers of open‑source tools should consider safe defaults, such as generating random titles and mandatory initial passwords, to avoid exposing users to unnecessary risk.