Allowing Common Ports with a Few Clicks

Scenarios

You can configure a security group to allow common ports with a few clicks. This function is suitable for the following scenarios:

Remotely log in to ECSs.
Use the ping command to test ECS connectivity.
ECSs functioning as web servers provide website access services.

Table 1 describes the common ports that can be opened with a few clicks.

**Table 1** Common ports
Direction	Protocol & Port & Type	Source/Destination	Description
Inbound	TCP: 22 (IPv4)	0.0.0.0/0	Allows all IPv4 addresses to access ECSs in the security group over port 22 (SSH) for remotely logging in to Linux ECSs.
	TCP: 3389 (IPv4)	0.0.0.0/0	Allows all IPv4 addresses to access ECSs in the security group over port 3389 (RDP) for remotely logging in to Windows ECSs.
	TCP: 80 (IPv4)	0.0.0.0/0	Allows all IPv4 addresses to access ECSs in the security group over port 80 (HTTP) for visiting websites.
	TCP: 443 (IPv4)	0.0.0.0/0	Allows all IPv4 addresses to access ECSs in the security group over port 443 (HTTPS) for visiting websites.
	TCP: 20-21 (IPv4)	0.0.0.0/0	Allows all IPv4 addresses to access ECSs in the security group over ports 20 and 21 (FTP) for uploading or downloading files.
	ICMP: All (IPv4)	0.0.0.0/0	Allows all IPv4 addresses to access ECSs in the security group over any port for using the ping command to test ECS connectivity.
Outbound	All (IPv4) All (IPv6)	0.0.0.0/0 ::/0	Allows access from ECSs in the security group to any IP address over any port.

If the source is set to 0.0.0.0/0 or::/0, then all external IP addresses are either allowed or denied to access your instances, depending on if the action is Allow or Deny. If the access is allowed, exposing high-risk ports, such as port 22, 3389, or 8848, to the public network will leave your instances vulnerable to network intrusions, service interruptions, data leakage, or ransomware attacks. You should only configure known IP addresses for the security group rule.

Procedure

Log in to the management console.
Click in the upper left corner and select the desired region and project.
Click in the upper left corner and choose Networking > Virtual Private Cloud.
The Virtual Private Cloud page is displayed.
In the navigation pane on the left, choose Access Control > Security Groups.
The security group list is displayed.
In the security group list, click the name of the security group.
The security group details page is displayed.
Click the Inbound Rules or Outbound Rules tab, and then click Allow Common Ports.
The Allow Common Ports page is displayed.
Click OK.
After the operation is complete, you can view the added rules in the security group rule list.

Parent Topic: Managing Security Group Rules

Previous topic: Fast-Adding Security Group Rules

Next topic: Modifying a Security Group Rule

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot