Edit

Share via


ExplicitlyAllowedNetworkPorts

Explicitly allowed network ports

Supported versions

  • On Windows and macOS since 91 or later

Description

There is a list of restricted ports built into Microsoft Edge. Connections to these ports will fail. This policy allows bypassing that list. The set of ports is defined as a comma-separated list that outgoing connections should be permitted on.

Ports are restricted to prevent Microsoft Edge from being used as a vector to exploit various network vulnerabilities. Setting this policy may expose your network to attacks. This policy is intended as a temporary workaround for error code "ERR_UNSAFE_PORT" while migrating a service running on a blocked port to a standard port (for example port 80 or 443).

Malicious websites can easily detect that this policy is set, and for which ports, then use that information to target attacks.

Each port listed in this policy is labeled with a date that it can be unblocked until. After that date the port will be restricted regardless of if it's specified by the value of this policy.

Leaving the value empty or unset means that all restricted ports will be blocked. Invalid port values set through this policy will be ignored while valid ones will still be applied.

This policy overrides the "--explicitly-allowed-ports" command-line option.

Policy options mapping:

  • 554 (554) = port 554 (can be unblocked until 2021/10/15)

  • 10080 (10080) = port 10080 (can be unblocked until 2022/04/01)

  • 6566 (6566) = port 6566 (can be unblocked until 2021/10/15)

  • 989 (989) = port 989 (can be unblocked until 2022/02/01)

  • 990 (990) = port 990 (can be unblocked until 2022/02/01)

Use the preceding information when configuring this policy.

Policy options mapping:

Use this information when configuring this policy.

  • 554 = port 554 (can be unblocked until 2021/10/15)
  • 10080 = port 10080 (can be unblocked until 2022/04/01)
  • 6566 = port 6566 (can be unblocked until 2021/10/15)
  • 989 = port 989 (can be unblocked until 2022/02/01)
  • 990 = port 990 (can be unblocked until 2022/02/01)

Supported features

  • Can be mandatory: Yes
  • Can be recommended: No
  • Dynamic Policy Refresh: Yes
  • Per Profile: No
  • Applies to a profile that is signed in with a Microsoft account: Yes

Data type

  • List of strings

Windows information and settings

Group Policy (ADMX) info

  • GP unique name: ExplicitlyAllowedNetworkPorts
  • GP name: Explicitly allowed network ports
  • GP path (Mandatory): Administrative Templates/Microsoft Edge
  • GP path (Recommended): N/A
  • GP ADMX file name: MSEdge.admx

Example value

port 10080 (can be unblocked until 2022/04/01)

Registry settings

  • Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\ExplicitlyAllowedNetworkPorts
  • Path (Recommended): N/A
  • Value name: 1, 2, 3, ...
  • Value type: List of REG_SZ

Example registry value

SOFTWARE\Policies\Microsoft\Edge\ExplicitlyAllowedNetworkPorts\1 =

10080

Mac information and settings

  • Preference Key name: ExplicitlyAllowedNetworkPorts
  • Example value:
<array>
  <string>10080</string>
</array>

See also