Skip to content

docs: Update blocked ports list for NGINXaaS Azure listen directive #833

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Jul 17, 2025
Merged

docs: Update blocked ports list for NGINXaaS Azure listen directive #833

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
094bca7
docs: update blocked ports list for NGINXaaS Azure listen directive
rnandwal-f5 Jul 17, 2025
7877d62
Remove port usage details.
rnandwal-f5 Jul 17, 2025
d81b8d8
Merge branch 'main' into NGINXaaS/Update-blocked-ports-documentation
JTorreG Jul 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 8 additions & 1 deletion content/nginxaas-azure/getting-started/nginx-configuration/overview.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,14 @@ Some directives cannot be overridden by the user provided configuration.

## NGINX listen port restrictions

- Due to port restrictions on Azure Load Balancer health probes, ports `19`, `21`, `70`, and `119` are not allowed. The NGINXaaS deployment can listen on all other ports.
- Due to port restrictions on Azure Load Balancer health probes, certain ports are not allowed for the `listen` directive in NGINX configuration. The following ports are blocked:
- `19`, `21`, `70`, `119` - Azure health probe restricted ports
- `49151` - Azure system reserved port
- `49153` - CoreDNS port (used for internal DNS resolution)
- `5140` - NGINX App Protect syslog port (used for internal WAF logging)
- `50000` - NGINX App Protect enforcer port (used for internal WAF communication)
- `54141` - AIGW traffic port (used for internal gateway communication)
- `54779` - IMDS proxy port (used for internal metadata service communication)

- The [Basic]({{< ref "/nginxaas-azure/billing/overview.md#basic-plan" >}}) plan (and the deprecated Standard (v1) plan) supports a maximum of 5 listen ports in the NGINX configuration. Configurations that specify over 5 unique ports are rejected.

Expand Down
Loading