Open WebUI¶
Self-hosted LLM chat front-end at
ai.448.global. The "internal ChatGPT" — staff use it to ask AI models questions without leaking prompts to a public service.
| Field | Value |
|---|---|
| Public URL | https://ai.448.global |
| Audience | internal staff |
| Criticality | low-medium — productivity tool |
| Maturity | [INFO NEEDED] |
| Owner | [INFO NEEDED] |
| Last reviewed | 2026-05-05 |
1. At a glance¶
Open WebUI is the company's private chat interface to AI models. It looks like ChatGPT but is hosted by us. Staff can ask questions and the prompts stay on our servers (and only go to whichever model providers we connect — OpenAI, Anthropic, local models). The risk is staff pasting customer data or secrets into prompts.
2. Business purpose¶
- Productivity boost from AI assistance.
- Privacy — prompts not sent to public ChatGPT accounts.
- Centralized billing for whichever LLM provider we use.
3. Audience¶
Internal staff.
4. Hosting & cloud infrastructure¶
Infrastructure map¶
| Item | Value | Notes |
|---|---|---|
| Public hostname | ai.448.global | |
| Public IP(s) | [INFO NEEDED] |
|
| Open ports | 443 [CONFIRM] |
|
| TLS cert | [INFO NEEDED] |
|
| Reverse proxy | [INFO NEEDED] |
|
| Container image / version | ghcr.io/open-webui/open-webui:[INFO NEEDED] |
|
| Host server name | [INFO NEEDED] |
|
| Backend models | [INFO NEEDED] |
OpenAI, Anthropic, Ollama (local), other |
| Database | SQLite default [CONFIRM] |
Credentials in Vault¶
| Secret type | Vault path / link | Last rotated |
|---|---|---|
| Open WebUI admin login | [INFO NEEDED] |
|
| OpenAI API key | [INFO NEEDED] |
|
| Anthropic API key | [INFO NEEDED] |
|
| Other model-provider keys | [INFO NEEDED] |
5. Technology behind it¶
- Type: off-the-shelf
- Product: Open WebUI (formerly Ollama WebUI)
- Stack: Python (FastAPI) + SQLite + Svelte frontend
6. Data it handles¶
- User conversation history (potentially containing PII, customer data, IP).
- API keys for upstream providers.
- User accounts.
7. External dependencies¶
- LLM providers (OpenAI / Anthropic / etc.) — depending on which are configured.
- A local Ollama instance if running models on-prem.
8. Authentication & access¶
- End-user login: local accounts
[CONFIRM] - OIDC / Authentik?
[INFO NEEDED](supported) - MFA?
[INFO NEEDED]
9. Maturity assessment¶
[INFO NEEDED]
10. Known risks & vulnerabilities¶
[CONFIRM]Prompt-leak risk — staff paste sensitive data into chats. Once sent to OpenAI/Anthropic, it leaves the company. Acceptable-use policy required.[INFO NEEDED]Cost runaway — without per-user limits, a single staff member withgpt-4access can rack up large bills.[INFO NEEDED]API-key blast radius — one shared API key for all users; if leaked, all usage is anonymous + abusable.[INFO NEEDED]Public exposure — admin UI on internet → brute-force surface.[INFO NEEDED]Conversation history retention — old chats may contain sensitive content; retention policy[INFO NEEDED].
11. Impact if it goes down¶
Productivity loss, no customer impact.
12. Owner & on-call¶
[INFO NEEDED]
13. References & links¶
- Public URL: https://ai.448.global
- Vendor docs: https://docs.openwebui.com
- Domain: see domains.md