How to block port 80 in Google AppEngine


I want to block port 80 in Google AppEngine

For example, when I run:

sudo nmap -O <project-id>

It shows:

Starting Nmap 7.60 ( ) at 2018-02-06 16:36 EST
Nmap scan report for <project-id>  

80/tcp  open  http
443/tcp open  https

Here it shows port 80 is open.

I want to block/close port 80 in AppEngine. How to do that?

Best Answer

It depends on your setup:

App Engine standard won't allow you to change firewall rules as you don't have access to the loadbalancer. In this case, you could stop traffic on port 80 from within your code, however traffic will still be served by the platform. The current App Engine firewall only blocks IP addresses but not actual ports.

App Engine flex: You could force an HTTPS loadbalancer and firewall rules to enforce 443 or any other port you'd want traffic from. Flex basically works on GCE VMs.

you mind find this doc useful

lastly, you could user a GCE instance as a "proxy" using a static ip blocking traffic over port 80 to then redirect to App Engine. The issue with this would be having an instance powerful enough to handle all your application's traffic

Related Topic