Connectors are most commonly installed behind your firewall where they can access (connect) to your back end systems in order to read/write data. If you use the frevvo Cloud hosted server you must ensure that your Connectors are accessible from our servers. This is done by opening up one of the following ports on your firewall: Info |
---|
We recommend that you use https and not http. Https is a secure channel. |
- HTTP Ports: 80, 8082 or 19080
- HTTPs Ports: 443, 8443 or 19443
For customers that use firewall white-listing, also make sure the frevvo cloud outgoing server IP 54.86.85.105 (host outgoing.frevvo.com) is added to the list. Connector Security connectors installed on-premise should only be accessible to the frevvo server i.e. http://localhost:8983/, and should not be remotely accessible. Most customers don’t allow external http access to a server (only https). Since the connector(s) is not exposed over https, remote code execution vulnerability can be mitigated (a remote attacker cannot exploit this vulnerability as it is not exposed). Another option to enhance connector security is to block external access to port 8983, for example using firewall rules. See also Database Connector Security.
|