After the certifigets are generated do I need to keep port 80 open? #1013
-
|
The docker hub documentation says that both port 80 and 443 must be open for http-01 challenge. That makes sense. But if I am not planning on adding any more domains/sub-domains may I close port 80? Or is port 80 needed for renewal? Why? Just a thing I have about closing all ports not absolutely required. Also, this is a really great container! It worked for me and was simple to set up. Thank you. :) |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
Hi, keeping the port 80 opened is the official recommended practice from Let's Encrypt themselves. I entirely agree with them that closing port 80 for the sake of closing a port have zero security benefits and, in this case, only drawbacks. |
Beta Was this translation helpful? Give feedback.
Hi, keeping the port 80 opened is the official recommended practice from Let's Encrypt themselves. I entirely agree with them that closing port 80 for the sake of closing a port have zero security benefits and, in this case, only drawbacks.