Firewall rules

You must allow these rules to make Passbolt work in a firewalled environment:

Inbound rules

Protocol name	Port number	Transport Layer Protocol	Comment
HTTP	80	TCP	Optional, should be used only to redirect to HTTPS
HTTPS	443	TCP	To serve Passbolt through HTTPS

Outbound rules

Protocol name	Port number	Transport Layer Protocol	Comment
HTTP	80	TCP	To be able to connect to operating system repositories who don’t use https (Ubuntu)
HTTPS	443	TCP	To be able to connect to package repository or bitbucket repository
SMTP	usually 587	TCP	To send email notifications, used port depends of your SMTP server configuration, usually 25/TCP, 587/TCP or 465/TCP
DNS	53	UDP	To be able to resolve SMTP server name, or download.passbolt.com to check for updates
NTP	123	UDP	To make server synchronized to a NTP server. Mandatory to make GPG or MFA/OTP work
HKPS	11371	TCP	HKPS protocol for receiving GPG keys

Other frequently asked questions in the same category

• How to install passbolt server
• How to make passbolt backups
• How can I update my passbolt server?
• What are the minimum server requirements?
• Does passbolt provide hosting?
• Where can I get help for installation issues?
• Why do I see an unsafe mode banner in the footer?
• Why are my emails not being sent?
• Why should I install haveged on virtual environments?
• How to update my subscription key
• Why am I getting ldap synchronization issues?
• How to increase auto logout time?
• Firewall rules
• How to generate JWT key pair manually
• Troubleshoot Docker
• How to migrate from HTTP to HTTPS
• How to use docker rootless images
• How to import SSL certificate on mobile application
• Troubleshoot SSL
• How to rotate server GPG keys
• iOS / Android Mobile FAQ
• How to install passbolt in non-interactive mode?
• Troubleshoot Helm
• How to set up NTP
• Docker Secrets