Configuring Security Groups for Application Images

By default, outbound rules of a security group allow FlexusL instances in it to access external resources. This section describes how you can configure inbound rules for multiple application images of FlexusL instances. You can add multiple rules as required.

For details about more configuration examples, see Security Group Configuration Examples.
For details about how to configure security group rules, see Configuring Security Group Rules.

WordPress

**Table 1** Security group rules
Priority	Action	Type	Protocol & Port	Source	Description
1	Allow	IPv4	TCP: 22	0.0.0.0/0	Allows access to the FlexusL instance using SSH locally.
1	Allow	IPv4	TCP: 3306	0.0.0.0/0	Allows access to MySQL databases.
1	Allow	IPv4	TCP: 80	0.0.0.0/0	Specifies the internal forwarding port of application images
1	Allow	IPv4	TCP: 9001	0.0.0.0/0	Allows external access to the application dashboard.

BT Panel

**Table 2** Security group rules
Priority	Action	Type	Protocol & Port	Source	Description
1	Allow	IPv4	TCP: 22	0.0.0.0/0	Allows access to the FlexusL instance using SSH locally.
1	Allow	IPv4	TCP: 3306	0.0.0.0/0	Allows access to MySQL databases.
1	Allow	IPv4	TCP: 9090	0.0.0.0/0	Allows access to the phpMyAdmin database management tool.
1	Allow	IPv4	TCP: 8888	0.0.0.0/0	Allows access to the BT panel dashboard.
1	Allow	IPv4	TCP: 443	0.0.0.0/0	Allows HTTPS traffic to the FlexusL instance.
1	Allow	IPv4	TCP: 80	0.0.0.0/0	Allows HTTP traffic to the FlexusL instance.

Matomo, Odoo, Nextcloud, and GitLab

**Table 3** Security group rules
Priority	Action	Type	Protocol & Port	Source	Description
1	Allow	IPv4	TCP: 22	0.0.0.0/0	Allows access to the FlexusL instance using SSH locally.
1	Allow	IPv4	TCP: 80	0.0.0.0/0	Specifies the internal forwarding port of application images
1	Allow	IPv4	TCP: 9001	0.0.0.0/0	Allows external access to the application dashboard.
1	Allow	IPv4	TCP: 9000	0.0.0.0/0	Allows external access to the application O&M dashboard.

Portainer, Superset, and PrestaShop

**Table 4** Security group rules
Priority	Action	Type	Protocol & Port	Source	Description
1	Allow	IPv4	TCP: 22	0.0.0.0/0	Allows access to the FlexusL instance using SSH locally.
1	Allow	IPv4	TCP: 80	0.0.0.0/0	Specifies the internal forwarding port of application images
1	Allow	IPv4	TCP: 3306	0.0.0.0/0	Allows access to MySQL databases.
1	Allow	IPv4	TCP: 9001	0.0.0.0/0	Allows external access to the application dashboard.
1	Allow	IPv4	TCP: 9000	0.0.0.0/0	Allows external access to the application O&M dashboard.

SRS

**Table 5** Security group rules
Priority	Action	Type	Protocol & Port	Source	Description
1	Allow	IPv4	TCP: 22	0.0.0.0/0	Allows access to the FlexusL instance using SSH locally.
1	Allow	IPv4	TCP: 80	0.0.0.0/0	Specifies the internal forwarding port of application images
1	Allow	IPv4	TCP: 9001	0.0.0.0/0	Allows external access to the application dashboard.
1	Allow	IPv4	TCP: 1935	0.0.0.0/0	Allows access to the RTMP livestreaming server.
1	Allow	IPv4	TCP: 1985	0.0.0.0/0	Allows access to the HTTP API server to deliver HTTP-API and WebRTC streams.
1	Allow	IPv4	TCP: 8080	0.0.0.0/0	Allows access to the HTTP livestreaming server to deliver HTTP-FLV and HLS streams.
1	Allow	IPv4	TCP: 8000	0.0.0.0/0	Allows access to the WebRTC media server.