Firewall Ports

All uberspaces come with default firewall settings, which do not allow incoming connections on ports other than 443 and 80. Some software like Wordpress, mailman or seafile can be exposed using php-fpm or web backends. Either way, you do not need to think about ports and firewalls.

If your software requires direct TCP or even UDP connections, like XMPP, ZNC or mosh, you need to open a port in the firewall.

Note

If you plan to use web backends, you do not need to open a port for your application.

Warning

Exposing your services directly to the internet requires you to take care of securing the connection, e.g. using TLS, as we cannot tunnel or encrypt the traffic in any way. You will also need to aquire your own certificates or reuse the webserver ones from ~/etc/certificates.

Opening ports

Each uberspace can open 20 ports. The port numbers are generated automatically in the range from 40.000 to 61.000 and cannot be chosen arbitrarily.

[isabell@stardust ~]$ uberspace port add
Port 40132 will be open for TCP and UDP traffic in a few minutes.

Tip

Your application needs to listen on interface :: or 0.0.0.0 (using 127.0.0.1, localhost, ::1, the external IP, or the hostname will not work).

Listing Ports

To get a list of currently open ports, execute the following command:

[isabell@stardust ~]$ uberspace port list
40132
40133
40134

Closing Ports

If you don’t need your port anymore, it’s a good idea to close it. You can do so using to following command:

[isabell@stardust ~]$ uberspace port del 40132
Port 40132 will be closed in a few minutes.