Ports Exposed on Auth0

Overview

Some non-standard open ports have been identified on the Auth0-hosted login page.

  • HTTP: 2083, 8443
  • HTTPS: 2082, 2086, 2087, 8080, 8880

This article clarifies why those ports are seen.

Applies To

  • Server ports
  • Open ports

Cause

These ports are exposed by our Edge Network provider.

Solution

The open ports seen are provided by a global scale edge & DDoS provider, which routes traffic for us and provides WAF & various other security functions. This service is provided by Cloudflare.

The ports listed are among the ones Cloudflare exposes, but the origin servers are restricted to port 443, and the configuration only allows traffic to originate from that port.

We cannot control which ports the Edge Network provider exposes, only what we will accept on our back end.

In terms of Auth0 itself, these non-standard ports are not exposed.