SonarQube Community Build | Server installation and setup | Network security | Network rules
Configuring network rules
On this page
To lock down the communication in between the reverse proxy and SonarQube, you can define the following network rules:
| Protocol | Source | Destination | Port | Default |
|---|---|---|---|---|
| TCP | Reverse Proxy | SonarQube | sonar.web.port | 9000 |
| TCP | SonarQube | SonarQube | sonar.search.port | 9001 |
| TCP | SonarQube | SonarQube | sonar.es.port | random |
You can further segment your network configuration if you specify a frontend network and keep Elasticsearch restricted to the loopback NiC.
| Network | Parameter | Description | Default |
|---|---|---|---|
| Frontend | sonar.web.host | Frontend HTTP Network | 0.0.0.0 |
| Elasticsearch | sonar.search.host | Elasticsearch Network | 127.0.0.1 |
For information about the parameters, see the list of system properties.
Related pages
Was this page helpful?
© 2008-2025 SonarSource SA. All rights reserved.
