Network rules

Defining network rules to enhance the security.

To lock down the communication in between the reverse proxy and SonarQube, you can define the following network rules:

Protocol

Source

Destination

Port

Default

TCP

Reverse Proxy

SonarQube

sonar.web.port

9000

TCP

SonarQube

sonar.search.port

9001

TCP

SonarQube

sonar.es.port

random

You can further segment your network configuration if you specify a frontend network and keep Elasticsearch restricted to the loopback NiC.

Network

Parameter

Description

Default

Frontend

sonar.web.host

Frontend HTTP Network

0.0.0.0

Elasticsearch

sonar.search.host

Elasticsearch Network

127.0.0.1

For information about the parameters, see List of properties common to all editions.

Was this helpful?