Maybe you were looking for the Enterprise Documentation instead?
Careful! You are browsing documentation for an outdated version of Kong. Go here to browse the documentation for the latest version.

Table of Contents

Network & Firewall

In this section you will find a summary about the recommended network and firewall settings for Kong.


Kong uses multiple connections for different purposes.

  • proxy
  • management api


The proxy ports is where Kong receives its incoming traffic. There are two ports with the following defaults;

  • 8000 for proxying. This is where Kong listens for HTTP traffic. Be sure to change it to 80 once you go to production. See proxy_listen.
  • 8443 for proxying HTTPS traffic. Be sure to change it to 443 once you go to production. See proxy_listen_ssl.

These are the only ports that should be made available to your clients.

Management api

This is the port where Kong exposes its management api. Hence in production this port should be firewalled to protect it from unauthorized access.


Below are the recommended firewall settings: