diff --git a/site-cookbooks/5apps-xmpp_server/recipes/default.rb b/site-cookbooks/5apps-xmpp_server/recipes/default.rb
index bfb1d13..0dd353f 100644
--- a/site-cookbooks/5apps-xmpp_server/recipes/default.rb
+++ b/site-cookbooks/5apps-xmpp_server/recipes/default.rb
@@ -10,7 +10,7 @@
 unless node.chef_environment == "development"
   include_recipe "firewall"
   firewall_rule "xmpp" do
-    port     [5222, 5269]
+    port     [5222, 5269, 5281]
     protocol :tcp
     command  :allow
   end
diff --git a/site-cookbooks/kosmos-base/recipes/firewall.rb b/site-cookbooks/kosmos-base/recipes/firewall.rb
index 233a34c..96dd212 100644
--- a/site-cookbooks/kosmos-base/recipes/firewall.rb
+++ b/site-cookbooks/kosmos-base/recipes/firewall.rb
@@ -38,27 +38,3 @@ firewall_rule 'mosh' do
   protocol :udp
   command  :allow
 end
-
-firewall_rule 'prosody_http_upload' do
-  port     5281
-  protocol :tcp
-  command  :allow
-end
-
-firewall_rule 'hubot_express_hal8000' do
-  port     8080
-  protocol :tcp
-  command  :allow
-end
-
-firewall_rule 'hubot_express_botka_xmpp' do
-  port     8082
-  protocol :tcp
-  command  :allow
-end
-
-firewall_rule 'hubot_express_schlupp_xmpp' do
-  port     8083
-  protocol :tcp
-  command  :allow
-end
diff --git a/site-cookbooks/kosmos-hubot/recipes/botka_freenode.rb b/site-cookbooks/kosmos-hubot/recipes/botka_freenode.rb
index 65c2779..4024294 100644
--- a/site-cookbooks/kosmos-hubot/recipes/botka_freenode.rb
+++ b/site-cookbooks/kosmos-hubot/recipes/botka_freenode.rb
@@ -118,4 +118,11 @@ unless node.chef_environment == "development"
   end
 
   nginx_certbot_site express_domain
+
+  include_recipe "firewall"
+  firewall_rule 'hubot_express_botka_freenode' do
+    port     express_port
+    protocol :tcp
+    command  :allow
+  end
 end
diff --git a/site-cookbooks/kosmos-hubot/recipes/default.rb b/site-cookbooks/kosmos-hubot/recipes/default.rb
index 30c7091..65bcf67 100644
--- a/site-cookbooks/kosmos-hubot/recipes/default.rb
+++ b/site-cookbooks/kosmos-hubot/recipes/default.rb
@@ -5,15 +5,6 @@
 # Copyright 2017-2018, Kosmos
 #
 
-unless node.chef_environment == "development"
-  include_recipe 'firewall'
-  firewall_rule 'hubot_express_hal8000_freenode' do
-    port     8080
-    protocol :tcp
-    command  :allow
-  end
-end
-
 include_recipe "kosmos-nodejs"
 include_recipe "kosmos-redis"