A few questions came out of due-diligence vulnerability testing on our side.
The following ports were found to be open:
- 2052 / tcp / www
- 2053 / tcp / www
- 2082 / tcp / www
- 2083 / tcp / www
- 2086 / tcp / www
- 2087 / tcp / www
- 2095 / tcp / www
- 2096 / tcp / www
- 8080 / tcp / www
- 8443 / tcp / www
- 8880 / tcp / www
Is this expected? If so, what are these ports used for?
Notably, these ports are only seem to be open for one of our services. Could it be because it’s an old service? Perhaps re-creating the service would solve this issue?
We are setting HTTP Strict Transport Security (HSTS) headers for our service, but they don’t seem to be passed through. Is this a limitation of Render?
An SSL certificate for one of our services seems to be expired. Is this something we can take care of on our end?
Thanks in advance,