Security Configuration

Requirements

Security middleware features require the FastAPI-based tracking server (uvicorn), which is the default server in MLflow 3.5.0+. These features are not available when using --gunicorn-opts or --waitress-opts.

Configuration Options

Security settings can be configured through CLI options or environment variables:

Setting            CLI Option                      Environment Variable                         Default
Allowed Hosts      --allowed-hosts                 MLFLOW_SERVER_ALLOWED_HOSTS                  localhost, private IPs
CORS Origins       --cors-allowed-origins          MLFLOW_SERVER_CORS_ALLOWED_ORIGINS           localhost:*
X-Frame-Options    --x-frame-options               MLFLOW_SERVER_X_FRAME_OPTIONS                SAMEORIGIN
Disable Security   --disable-security-middleware   MLFLOW_SERVER_DISABLE_SECURITY_MIDDLEWARE    false

--allowed-hosts

Controls which Host headers the server accepts. Requests whose Host header does not match an allowed entry are rejected, which prevents DNS rebinding attacks:

# Specific hosts
mlflow server --allowed-hosts "mlflow.company.com,192.168.1.100"

# Wildcard patterns
mlflow server --allowed-hosts "*.company.com,192.168.*"

# Allow all (not recommended)
mlflow server --allowed-hosts "*"
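To show what the Host-header check protects against, here is an illustrative matcher for the pattern forms listed above. It is an added example, not MLflow's own middleware code; the matching rules (shell-style wildcards, a pattern with a port matched against the full host:port) are my assumptions, since the page does not spell them out.

```python
"""Illustrative Host-header check for --allowed-hosts (added example, not MLflow's code).

Assumed matching rules: patterns are shell-style wildcards ("*.company.com",
"192.168.*", "localhost:*"); a pattern without a port matches any port, a pattern
with a port is matched against the full host:port. IPv6 literals are out of scope.
"""
from fnmatch import fnmatchcase


def parse_allowed_hosts(value: str) -> list[str]:
    """Split the comma-separated CLI/env value into lowercase patterns."""
    return [p.strip().lower() for p in value.split(",") if p.strip()]


def split_host_port(host: str) -> tuple[str, str]:
    """Split 'name:port' into (name, port); port is '' when absent."""
    name, sep, port = host.rpartition(":")
    return (name, port) if sep else (host, "")


def host_allowed(host_header: str, patterns: list[str]) -> bool:
    """True if the request's Host header matches an allowed pattern.

    In a DNS rebinding attack the browser resolves an attacker-chosen name to
    this server's address, but the Host header still carries that name, so a
    strict allow-list rejects the request before it reaches the tracking API.
    """
    host = host_header.strip().lower()
    if not host:
        return False  # missing Host header: nothing to validate, reject
    name, _port = split_host_port(host)
    for pat in patterns:
        if pat == "*":
            return True  # "allow all" switches the protection off
        if ":" in pat:
            if fnmatchcase(host, pat):  # pattern pins a port
                return True
        elif fnmatchcase(name, pat):
            return True
    return False


if __name__ == "__main__":
    # Constructed sample Host headers against the "Remote Access" configuration.
    allowed = parse_allowed_hosts("mlflow.internal:5000,localhost:*,192.168.*")
    for hdr in ["mlflow.internal:5000", "localhost:5000", "192.168.1.100",
                "attacker.example:5000", "mlflow.internal:8080", ""]:
        verdict = "allow" if host_allowed(hdr, allowed) else "reject"
        print(f"{hdr or '<missing>':>24} -> {verdict}")
```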

--cors-allowed-origins

Specifies which web applications can make API requests from browsers:

# Specific origins
mlflow server --cors-allowed-origins "https://app.company.com,https://notebook.company.com"

# Wildcard for subdomains
mlflow server --cors-allowed-origins "https://*.company.com"

# Allow all origins (development only)
mlflow server --cors-allowed-origins "*"

--x-frame-options

Sets the X-Frame-Options header to control iframe embedding behavior:

  • SAMEORIGIN - Only same origin can embed (default)
  • DENY - No embedding allowed
  • NONE - Any site can embed

# Allow cross-origin iframe embedding
mlflow server --x-frame-options NONE

--disable-security-middleware

Completely disables security middleware. Use this only when security is handled by a reverse proxy or gateway:

mlflow server --disable-security-middleware

Common Configurations

Examples for typical deployment scenarios:

Local Development

Default configuration works out of the box:

mlflow server

Remote Access

Allow connections from specific hosts:

mlflow server --host 0.0.0.0 --allowed-hosts "mlflow.internal:5000,localhost:*"

CORS for Web Apps

Enable browser-based applications to access the API:

mlflow server --cors-allowed-origins "https://notebook.internal"

Allow iframe Embedding

Enable embedding the UI in other applications:

mlflow server --x-frame-options NONE