oci-templates

Open or close server ports

Open server ports for remote access

IMPORTANT: Making this application’s network ports public is a significant security risk. You are strongly advised to only allow access to those ports from trusted networks. If, for development purposes, you need to access from outside of a trusted network, please do not allow access to those ports via a public IP address. Instead, use a secure channel such as a VPN or an SSH tunnel. Follow these instructions to remotely connect safely and reliably.

By default, Oracle Cloud Infrastructure servers have some or all of their ports closed to secure them against external attacks. In some cases, ports needed for specific applications to operate properly are also left open by default.

If you need to access your server remotely using a different port, you must first open the necessary port(s) using the Oracle Cloud Infrastructure Console.

Follow these steps:

  • Log in to the Oracle Cloud Infrastructure Console.
  • Navigate to “Compute -> Instances”.
  • In the list of available instances, find the instance you want to modify its firewall rules. Select it to see the “Instance Details”.

    List of launched instances

  • On the “Instance Details” page, click the “Subnet” link. You will be redirected to the “Networking -> Virtual Cloud Networks -> Virtual Cloud Network Details -> Subnets” section. This section lists all the subnets for the compartment containing your instance.

  • Click the “Default Security List” link in the “Security list” section of the subnet hosting your instance.

    List of Subnets

  • The resulting screen has a summary of all the rules applied to that subnet. To open a port, you must create a new Ingress Rule. Navigate to the “Ingress Rules” section and click the “Edit All Rules” button:

    Ingress Rules

  • Scroll down and click the “Add Rule” button.

    Add new ingress rule

  • Enter the necessary information and click the “Save Security List Rules” button so that the changes take effect.

    Save the new ingress rule

Your new security rule comes into effect immediately without any need to restart the server.

Close server ports and deny remote access

To close ports for remote access, follow these steps:

  • Log in to the Oracle Cloud Infrastructure Console.
  • Navigate to “Compute -> Instances”.
  • In the list of available instances, find the instance you want to modify. Click it to see the “Instance Details”.

    List of launched instances

  • On the “Instance Details” page, click the “Subnet” link. You will be redirected to the “Networking -> Virtual Cloud Networks -> Virtual Cloud Network Details -> Subnets” section. This section lists all the subnets for the compartment containing your instance.

  • Click the “Default Security List” link in the “Security list” section of the subnet hosting your instance.

    List of Subnets

  • The resulting screen lists all the rules applied to that subnet. Navigate to the “Egress Rules” section and click the “Edit All Rules” button:

    Egress Rules

  • To close a new port, scroll down to find the “Allow Rules for Egress”, then click the “Add Rule” button:

    Add new egress rule

  • Once you have entered the information for the new rule, click the “Save Security List Rules” button so the changes take effect:

    Save the new egress rule

Your new security rule comes into effect immediately without any need to restart the server.

Last modification October 15, 2018