Guides/Troubleshooting/Firewall rules on WordPress.com

Firewall rules on WordPress.com

Last reviewed on December 12, 2025

This guide explains which inbound and outbound firewall rules are supported on WordPress.com.

This feature is available on plugin-enabled sites with our WordPress.com Personal, Premium, Business, and Commerce plans. If your site has one of these plans, make sure to activate it. For sites on the free plan, upgrade your plan to access this feature.

In this guide

  1. Inbound firewall
  2. Outbound firewall

Have a question?

Ask our AI assistant
Back to top

Inbound firewall

Sites allow traffic over TCP ports 80 and 443 as well as support for uploading of files via TCP port 22 (SFTP). WordPress.com does not support, and will not add custom firewall rules to allow inbound traffic to your site or your site’s database/database server(s).

Outbound firewall

Plugin-enabled sites allow outbound traffic to the following protocols and ports:

  • TCP ports 465, 587 (SMTP)
  • TCP ports 110, 995 (POP3)
  • TCP ports 143, 993 (IMAP)
  • TCP ports 80, 443 (HTTP, HTTPS)

All other outbound traffic is rejected and logged.

Was this guide helpful for you?

Not quite what you're looking for? Get Help!

Get Help

In this guide

  1. Inbound firewall
  2. Outbound firewall

Have a question?

Ask our AI assistant
Back to top

Couldn't find what you needed?

Contact us

Get answers from our AI assistant, with access to 24/7 expert human support on paid plans.

Ask a question in our forum

Browse questions and get answers from other experienced users.
Copied to clipboard!

WordPress.com

Products
Features
Resources
Help
Company

Mobile Apps

Social Media