Some non-standard open ports have been identified on the Universal Login page:

• HTTP:  8080, 8880, 2052, 2082, 2086, 2095.
• HTTPS: 2053, 2083, 2087, 2096, 8443.

This article clarifies why those ports are seen.

• Server Ports 
• Open Ports
• Auth0

These ports are exposed by an Edge Network provider.

The open ports seen are provided by a global scale edge & DDoS provider, which routes traffic for Auth0 and provides WAF & various other security functions. This service is provided by the Edge Network provider.

• The ports listed are among the ones the Edge Network provider exposes, but the origin servers are restricted to port 443, and the configuration only allows traffic to originate from that port.
• Auth0 cannot control which ports the Edge Network provider exposes, only what is accepted on the back end.
• In terms of Auth0 itself, these non-standard ports are not exposed.

For more information, see the following documentation: Network ports.

NOTE: Customers with an Enterprise plan can use a self-managed custom domain with a proxy and configure the ports. The canonical domain can be blocked through ACL rules. The hostname signal can be used to disable or restrict access to it.