Network rules

Defining network rules to enhance the security.

To lock down the communication in between the reverse proxy and SonarQube, you can define the following network rules:

Protocol
Source
Destination
Port
Default

TCP

Reverse Proxy

SonarQube

sonar.web.port

9000

TCP

SonarQube

SonarQube

sonar.search.port

9001

TCP

SonarQube

SonarQube

sonar.es.port

random

You can further segment your network configuration if you specify a frontend network and keep Elasticsearch restricted to the loopback NiC.

Frontend

sonar.web.host

Frontend HTTP Network

0.0.0.0

Elasticsearch

sonar.search.host

Elasticsearch Network

127.0.0.1

For information about the parameters, see the List of system properties.

Last updated

Was this helpful?