Updated on 2025-08-25 GMT+08:00

DDS Instances Should Not Use Unallowed Ports

Rule Details

Table 1 Rule details

Parameter

Description

Rule Name

dds-instance-port-check

Identifier

DDS Instances Should Not Use Unallowed Ports

Description

If a DDS instance is using an unallowed port, this instance is non-compliant.

Tag

dds

Trigger Type

Configuration change

Filter Type

dds.instances

Rule Parameters

disabledPortsPatterns: Unallowed ports. The value must be an array.

Application Scenarios

The default port for MongoDB is 27017. The default port is more likely to be eavesdropped, so a non-default port is recommended. For details, see Security Best Practices.

Solution

Change the instance port by referring to Changing a Database Port. The port number must be in the range of 2100 to 65535 (excluding 12017 and 33071).

Rule Logic

  • If a DDS instance is using an unallowed port, this instance is non-compliant.
  • If a DDS instance has unallowed ports disabled, this instance is compliant.