diff --git a/scripts/install b/scripts/install
index 6f4bd70..e987a8f 100644
--- a/scripts/install
+++ b/scripts/install
@@ -61,19 +61,12 @@ ynh_app_setting_set --app=$app --key=hashed_password --value=$hashed_password
 #=================================================
 # FIND AND OPEN A PORT
 #=================================================
-ynh_script_progression --message="Configuring firewall..."
+ynh_script_progression --message="Finding an available port..."
 
 # Find an available port
 port=$(ynh_find_port --port=8095)
 ynh_app_setting_set --app=$app --key=port --value=$port
 
-# Optional: Expose this port publicly
-# (N.B. : you only need to do this if the app actually needs to expose the port publicly.
-# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !)
-
-# Open the port
-ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
-
 #=================================================
 # INSTALL DEPENDENCIES
 #=================================================
diff --git a/scripts/remove b/scripts/remove
index f66f57f..328174a 100644
--- a/scripts/remove
+++ b/scripts/remove
@@ -83,16 +83,6 @@ ynh_script_progression --message="Removing logrotate configuration..."
 # Remove the app-specific logrotate config
 ynh_remove_logrotate
 
-#=================================================
-# CLOSE A PORT
-#=================================================
-
-if yunohost firewall list | grep -q "\- $port$"
-then
-	ynh_script_progression --message="Closing port $port..."
-	ynh_exec_warn_less yunohost firewall disallow TCP $port
-fi
-
 #=================================================
 # SPECIFIC REMOVE
 #=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index f73a794..ccd9121 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -90,6 +90,13 @@ if [ -z "$hashed_password" ]; then
 	ynh_app_setting_set --app=$app --key=hashed_password --value=$hashed_password
 fi
 
+# In previous versions, the port was mistakenly exposed to the outside world >_>
+if yunohost firewall list | grep -q "\- $port$"
+then
+	ynh_script_progression --message="Closing port $port..."
+	ynh_exec_warn_less yunohost firewall disallow TCP $port
+fi
+
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================