Page Comparison

Create When you are creating a security group with , you need to enable the following ports enabled:

Info
In a production environment it is recommended to use the HTTPS port instead of the HTTP port.

Port#

Port Description

Suggestions for Access Restrictions

Common Ports

22

SSH port. Clients will use this port to ssh into the EC2 instance.

Open to outside access

Private PaaS Instance

9443

HTTPS post port to access the WSO2 Private PaaS management consoleManagement Console.

Open to outside access

9763

HTTP post port to access the WSO2 Private PaaS management console Management Console.

Open to outside access

9444

Management console port to BAM server.

Open to outside access

8291

GitBlit HTTP port.

Info
This port is optional as it is only needed if GitBlit is used.

Open to outside access

8443

GitBlit HTTPS port.

Open to outside access

9445

Identity Server port.

Restricted internal

Info
This port is optional as it is only needed if GitBlit is used.

Open to outside access

8140

Puppet Master port.

Open to outside access

3306

MySQL port.

Open to outside access

76117711

Cartridge agents publish statistics to CEP.

Info
If CEP and BAM are both being used, then you need to enable port offset in one of the products.

Open to outside access

76127711

Carbon products publish logs to BAM.

Info
If CEP and BAM are both being used, then you need to enable port offset in one of the products.

Open to outside access

61616

ActiveMQ port

Open to outside access

Carbon Cartridge Instances

80, 8280

Load Balancer HTTP proxy port.

Open to outside access

443, 8243

Load Balancer HTTPS proxy port.

Open to outside access

9763 and 9443

Management console accessHTTPS port to access the Management Console.

Open to outside access

9763

HTTP port to access the Management Console.

Open to outside access

4000

Hazlecast port for clustering products.

Restricted internal access

8280

HTTP port for Pass-Through transport of ESB or APIM.

Open to outside access

8243

HTTPS port for Pass-Through transport of ESB or APIM.

Open to outside access

Note
If all the instances are fronted by Load Balancer then only the Load Balancer port needs to be open to outside access and all other ports can be restricted to internal access.

Versions Compared

Old Version 2

New Version Current

Key