From b9aaa37a0555aa44e819c7d84f31f242875594e1 Mon Sep 17 00:00:00 2001 From: Petra Vankova Date: Wed, 25 Jun 2025 14:00:54 +0200 Subject: [PATCH] firewall --- apps/docs/content/references/firewall.mdx | 100 +++++++--------------- apps/docs/static/llms-full.txt | 69 +++++---------- 2 files changed, 52 insertions(+), 117 deletions(-) diff --git a/apps/docs/content/references/firewall.mdx b/apps/docs/content/references/firewall.mdx index fd439c30..b63d86df 100644 --- a/apps/docs/content/references/firewall.mdx +++ b/apps/docs/content/references/firewall.mdx @@ -13,60 +13,27 @@ A Firewall is a network security system that monitors and controls incoming and At Zerops, we implemented a robust firewall system to protect our platform and your applications. -## Default Firewall Rules - -### Allowed Outbound Ports - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ProtocolPortService
TCP/UDP80HTTP
TCP/UDP443HTTPS
TCP/UDP22SSH
TCP/UDP53DNS
TCP/UDP123NTP
TCP587SMTP (with STARTTLS)
- -### Restricted Ports - -To maintain platform security, certain ports are restricted: - -- **TCP**: All ports in the range 1-1024 (except those explicitly allowed above) -- **UDP**: All ports in the range 1-65535 (except those explicitly allowed above) - -> **Note**: Ports outside these ranges are generally unrestricted. +## Port Access Rules + +### UDP Ports +*No restrictions* + +### TCP Ports + +#### **TCP ports 1-1024** +The following specific ports are allowed: + +- **22** - SSH +- **53** - DNS +- **80** - HTTP +- **123** - NTP +- **443** - HTTPS +- **587** - SMTP (with STARTTLS) + +*All other TCP ports in the range 1-1024 are **blocked** for security reasons, see below.* + +#### **TCP ports 1025-65535** +*No restrictions* ## Security Measures @@ -76,31 +43,24 @@ These firewall rules are strategically implemented to: - Protect Zerops and its users from potential security threats - Maintain compliance with security best practices -## Requesting Firewall Modifications - -If your application requires access to additional ports: - -1. Contact Zerops support at `support@zerops.io`. -2. Include in your request: - - Detailed explanation of your use case. - - Specific ports and protocols needed. - - Mention your Project ID and Organization ID from your Zerops Dashboard. - ## Common Use Cases ### Standard Web Applications (HTTP/HTTPS) - - Full access to HTTP/HTTPS communication (ports 80/443) - Unrestricted DNS queries (port 53) - Time synchronization via NTP (port 123) -> Enabled by default for all projects on Zerops. - ### Email Services - SMTP access through port 587 (with STARTTLS) - For detailed SMTP configuration, see our [SMTP documentation](/references/smtp) -### Custom Applications -- Special port requirements should be discussed with support -- Each request is evaluated based on security implications \ No newline at end of file +## Requesting Firewall Modifications + +If your application requires access to additional ports: + +1. Contact Zerops support at [support@zerops.io](mailto:support@zerops.io). +2. Include in your request: + - Specific ports and protocols needed. + - Detailed explanation of your use case. + - Mention your Project ID and Organization ID from your Zerops Dashboard. diff --git a/apps/docs/static/llms-full.txt b/apps/docs/static/llms-full.txt index f27338d9..6f358bd6 100644 --- a/apps/docs/static/llms-full.txt +++ b/apps/docs/static/llms-full.txt @@ -22734,66 +22734,41 @@ The primary focus is on managing outbound communication to prevent potential pla ## What is a Firewall? A Firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. At Zerops, we implemented a robust firewall system to protect our platform and your applications. -## Default Firewall Rules -### Allowed Outbound Ports - - Protocol - Port - Service - - TCP/UDP - 80 - HTTP - - TCP/UDP - 443 - HTTPS - - TCP/UDP - 22 - SSH - - TCP/UDP - 53 - DNS - - TCP/UDP - 123 - NTP - - TCP - 587 - SMTP (with STARTTLS) - -### Restricted Ports -To maintain platform security, certain ports are restricted: -- **TCP**: All ports in the range 1-1024 (except those explicitly allowed above) -- **UDP**: All ports in the range 1-65535 (except those explicitly allowed above) -> **Note**: Ports outside these ranges are generally unrestricted. +## Port Access Rules +### UDP Ports +*No restrictions* +### TCP Ports +#### **TCP ports 1-1024** +The following specific ports are allowed: +- **22** - SSH +- **53** - DNS +- **80** - HTTP +- **123** - NTP +- **443** - HTTPS +- **587** - SMTP (with STARTTLS) +*All other TCP ports in the range 1-1024 are **blocked** for security reasons, see below.* +#### **TCP ports 1025-65535** +*No restrictions* ## Security Measures These firewall rules are strategically implemented to: - Prevent unauthorized use of the Zerops infrastructure for spam or network attacks - Protect Zerops and its users from potential security threats - Maintain compliance with security best practices -## Requesting Firewall Modifications -If your application requires access to additional ports: -1. Contact Zerops support at `support@zerops.io`. -2. Include in your request: - - Detailed explanation of your use case. - - Specific ports and protocols needed. - - Mention your Project ID and Organization ID from your Zerops Dashboard. ## Common Use Cases ### Standard Web Applications (HTTP/HTTPS) - Full access to HTTP/HTTPS communication (ports 80/443) - Unrestricted DNS queries (port 53) - Time synchronization via NTP (port 123) -> Enabled by default for all projects on Zerops. ### Email Services - SMTP access through port 587 (with STARTTLS) - For detailed SMTP configuration, see our [SMTP documentation](/references/smtp) -### Custom Applications -- Special port requirements should be discussed with support -- Each request is evaluated based on security implications +## Requesting Firewall Modifications +If your application requires access to additional ports: +1. Contact Zerops support at [support@zerops.io](mailto:support@zerops.io). +2. Include in your request: + - Specific ports and protocols needed. + - Detailed explanation of your use case. + - Mention your Project ID and Organization ID from your Zerops Dashboard. ----------------------------------------