Overview
This page allows you to set port numbers for increased security.
Logging in
- On the top menu click Admin
- In the drop down click System Admin
- In the right side navigation box click Port Management
Settings
| Port | Default Port # | Function |
|---|---|---|
| Admin | 80 | Web port controlling the system |
| UCP | 81 | User Control Panel |
| HTTP Provisioning | 84 | Access to provisioning files |
| REST/GraphQL API | 83 | Access to RESTful API and GraphQL API |
| RESTful Phone Apps | 82 | Access to RESTful Phone Apps |
| LetsEncrypt | 80 | Only provides access to LetsEncrypt required files |
Changing Ports
To change any of the ports, you can use the dropdown to select a port number, or pick 'Custom Port' to select your own. When complete, click the Update Now button. Your changes will take effect immediately.
LetsEncrypt
The LetsEncrypt service returns an error when any file is requested, apart from files required by LetsEncrypt for certificate generation/renewal. This allows you leave port 80 exposed to the outside world, without concern that any other services are potentially exposed. When any file is request, the request will return a 'Permission Denied'. LetsEncrypt only works over HTTP, not HTTPS, which is why the 'HTTPS' port is disabled.
Disabling a Service
To disable a service inside Apache, set the port to be Disabled
Configuring HTTPS
HTTPS is only available when you have assigned a SSL Certificate to the machine through the System Admin → HTTPS Setup page. You will not be able to assign ports until that is complete.
Force https
By populating the 'https Address' field, toggling the 'Force' button for one or more services, you can configure http service requests to be force redirected to https. If a misconfiguration results in the admin GUI becoming inaccessible, you can use 'fwconsole sysadmin clearforce' to resolve.
Secure Provisioning
Please note that Secure Provisioning is only available when Sysadmin Pro is activated on the server.