Ports for gitea and gitlfs?

Install/Maintain/Configure

talmage September 23, 2025, 7:47pm 1

I’m working on my ufw firewall rules and I want to be sure that ufw permits the traffic I want and denies the rest. Please advise me.

My gitea instance runs on a server in my DMZ. It listens on port 3000. Is that enough? I have an old firewall rule that forwards traffic on ports in the range 3000-5997 to the gitea server. Is that necessary?

linkp September 23, 2025, 8:00pm 2

talmage:

It listens on port 3000

That is most unusual. Normally that port stays closed to the internet and you allow proxied access using HTTPS on TCP port 443.

docs.gitea.com

Reverse Proxies | Gitea Documentation

General configuration

talmage September 24, 2025, 1:01pm 3

Thanks. I’ll look into the reverse proxy. I set up gitea on port 3000 because I didn’t know about reverse proxying for gitea.

I still don’t know why my firewall has that range of ports open for gitea.

linkp September 24, 2025, 2:56pm 4

Gitea listens on port 3000, but you normally don’t want to expose that port to the internet, hence the standard practice of proxying HTTPS to it.

talmage:

I still don’t know why my firewall has that range of ports open for gitea.

Wouldn’t you have had to open those ports?

talmage September 24, 2025, 10:05pm 5

Yes, certainly port 3000. I’m not sure why I opened ports 3001 through 5997. I can’t find any documentation on that.

Related topics

Topic		Replies	Views	Activity
[Solved] Gitea only accessible in local network Install/Maintain/Configure	3	2143	May 16, 2020
How can I Change HTTP port on my Docker Gitea and make it work with Clone over SSH General	0	4242	April 13, 2020
Gitea server 无报错服务未能监听3000端口启动 中文求助(Chinese Only)	2	1475	August 18, 2021
[SOLVED] Fresh installation from binary, not reachable on port 3000 Install/Maintain/Configure	1	1950	June 8, 2021
Failed to start SSH server: listen tcp :22: bind: permission denied Install/Maintain/Configure	7	11205	February 27, 2020