Firewall Configuration

Prev Next

If you are using a firewall, you may have to allow traffic to port 3000:

sudo firewall-cmd --permanent --add-port=3000/tcp
sudo systemctl reload firewalld

To communicate with Rocket.Chat Cloud services, and depending on the services you want to use, you need to whitelist the following URLs in your server’s firewall configuration.

URL

Purpose

cloud.rocket.chat

Required for workspace registration, workspace client authentication, and license sync/communications.

marketplace.rocket.chat

List and install marketplace apps.

releases.rocket.chat

Check for new Rocket.Chat versions.

billing.rocket.chat

Checkout and subscription tier management.

gateway.rocket.chat

Server → Push Gateway. Used by your server to send mobile app push notifications via Rocket.Chat Cloud. The mobile apps themselves connect only to Apple/Google push services.

omni-gateway.rocket.chat

Gateway for communications for omnichannel apps (e.g., WhatsApp, Facebook, Instagram, Telegram).

collector.rocket.chat

Collects usage statistics. Community workspaces must whitelist this, or the server will enter read-only mode.

Running in air-gapped mode requires a premium license.

nps.rocket.chat

NPS (Net Promoter Score) collector.