Scheduled Network Connectivity Testing

[ooghry]

Select Topic Area

Question

Body

Hello ,
I am planning to create a scheduled workflow using GitHub Actions (cron job running once every hour). The purpose of this script is to fetch a list of Xray/proxy configurations and test their connectivity/latency to ensure they are active.
These tests involve making outbound network connections to various external servers on standard and non-standard ports (e.g., ports other than 80/443).
Before implementing this, I want to confirm if this activity complies with the GitHub Actions Acceptable Use Policy. Specifically, I want to ensure that:
This will not be flagged as "network scanning" or "abuse" of the runner's network resources.
Could you please clarify if this specific workflow is permitted to run directly on GitHub Actions, or if it would be considered a violation of your Acceptable Use Policy?
Thank you for your guidance.

[umangkumar0106]

Running scheduled connectivity checks from GitHub Actions can be acceptable provided the activity is legitimate, low-impact, and not abusive.

GitHub Actions runners are intended for CI/CD and automation tasks, including scripts that make outbound network requests. However, according to GitHub’s Acceptable Use Policies, activities that resemble port scanning, denial-of-service behavior, or abusive traffic patterns are not allowed.

Your proposed workflow is generally permissible if it meets these conditions:

✔️ Allowed (Generally Safe)

Testing connectivity to known, authorized servers

Performing simple health checks (e.g., latency, availability)

Using reasonable frequency (e.g., hourly is usually fine)

Making a limited number of outbound connections

Not probing wide IP ranges or random hosts

Not attempting to discover open ports on third-party systems

❌ Likely Not Allowed

Scanning arbitrary IP ranges or the public internet

Rapid or high-volume probing across many ports

Behavior that resembles reconnaissance or port scanning

Generating excessive traffic or load

Testing servers without permission

[DCdetective]

Dude , Can u mark this as an answer . I need it get a badge on github

[pratikrath126]

To add to @umangkumar0106's thorough answer: your workflow is acceptable under GitHub Actions policy. Ensure you limit the scope to specific targets you own, avoid aggressive probing, and consider adding retries with backoff. Hourly is a reasonable frequency. You are good to go!

[rikream]

Hello,

From what I understand, occasional outbound connectivity checks (for example testing whether specific endpoints are reachable or measuring latency) are generally acceptable in GitHub Actions as long as they are clearly part of a legitimate CI/CD or monitoring workflow and not excessive.

However, there are a few important considerations:

• Avoid behavior that resembles network scanning (probing large IP ranges, aggressive port sweeps, or high-frequency automated probing).
• Keep the request rate reasonable so it doesn’t look like abuse or stress testing from GitHub-hosted runners.
• Ensure you have permission to test the endpoints you are contacting.
• Review GitHub’s Acceptable Use Policy carefully, since activities interpreted as abuse, crypto-mining, or unauthorized scanning can lead to workflow suspension.

If your workflow involves frequent checks across many external hosts or nonstandard ports, it may be safer to run it on a self-hosted runner instead of GitHub-hosted infrastructure.

For a definitive answer, GitHub Support or the official Acceptable Use documentation would be the most reliable source.

Hope this helps.

[dbuzatto]

Running scheduled workflows (e.g., hourly via cron) in GitHub Actions is totally fine in general.

However, what matters here is how the network activity behaves.

GitHub-hosted runners must not be used for:

• Port scanning
• Network probing at scale
• Abuse-like traffic patterns
• Stress testing or mass connection attempts

If your workflow:

• Only tests connectivity to a small, controlled list of servers you own or are authorized to test
• Runs at a reasonable frequency (e.g., once per hour)
• Does not perform broad port scanning or enumeration
• Does not generate high-volume traffic

Then it’s typically fine.

If, however, it:

• Tests large numbers of external IPs
• Connects to many random hosts
• Probes multiple ports per host in a scanning-like pattern

That could be flagged as abuse.

Recommendation

If this involves:

• Testing many external proxies
• Non-standard ports at scale
• High outbound connection volume

You should run this on self-hosted runners instead of GitHub-hosted runners.

That removes any risk of violating GitHub’s Acceptable Use Policy.