By default, we only open the ports necessary for the application you have deployed.
#### How can I restrict access to my service by IP address? From the Dashboard, select "***Security"***, then "***Show Settings"*** on the Firewall row [](https://docs.elest.io/uploads/images/gallery/2022-01/image-1643092204220.png) From there you can modify, remove, or add new rules to open a port from your service to the internet (or just to a specific target IP).All services come preconfigured with firewall rules that match the software you are deploying.
> You have to keep port 80 open to any ipv4/ipv6 or else Letsencrypt won't be able to generate an SSL certificate. ##### Here is a compilation of the ports necessary for Elestio Automation:| **Mandatory** | **Application** | **Protocol** | **Port** | **Usage** |
| ✔️ | Input | TCP | 22 | Automation SSH |
| ❌ | Input | UDP | 4242 | Nebula/ Global IP |
| ❌ | Input | TCP | 18345 | VS Code |
| ❌ | Input | TCP | 18374 | Open Terminal |
| ❌ | Input | TCP | 18346 | File Explorer |
| ❌ | Input | TCP | 18445 | Tail Logs |
| ❌ | Input | TCP | 18344 | Terminal |