ejabberd.yml.example: Use non-standard STUN port

STUN via UDP can easily be abused for reflection/amplification DDoS attacks. Suggest a non-standard port to make it harder for attackers to discover the service. Modern XMPP clients discover the port via XEP-0215, so there's no advantage in sticking to the standard port.
2024-11-14 12:21:58 +01:00
parent c7d967a2b5
commit 18c54f4e9e
1 changed files with 1 additions and 1 deletions
@@ -67,7 +67,7 @@ listen:
      /admin: ejabberd_web_admin
      /.well-known/acme-challenge: ejabberd_acme
  -
-    port: 3478
+    port: 5478
    ip: "::"
    transport: udp
    module: ejabberd_stun