Overview
Some non-standard open ports have been identified on the Auth0-hosted login page.
- HTTP: 2083, 8443
- HTTPS: 2082, 2086, 2087, 8080, 8880
This article clarifies why those ports are seen.
Applies To
- Server ports
- Open ports
Cause
These ports are exposed by our Edge Network provider.
Solution
The open ports seen are provided by a global scale edge & DDoS provider, which routes traffic for us and provides WAF & various other security functions. This service is provided by Cloudflare.
The ports listed are among the ones Cloudflare exposes, but the origin servers are restricted to port 443, and the configuration only allows traffic to originate from that port.
We cannot control which ports the Edge Network provider exposes, only what we will accept on our back end.
In terms of Auth0 itself, these non-standard ports are not exposed.