Ports To Open For Web Server (PLESK, CPanel, Etc.)
Mar 11, 2008
Our new data center provided us with a Cisco ASA5510 firewall. We're setting up all new servers and will begin migrating all of our domains from our current co-lo to the new place.
At the old co-lo, they provided us a very basic BSD based router, and our servers all had external public facing IPs on them. Firewalling was handled at the server (Windows Firewall or Linux IPtables).
The new place is NAT'ing us, so our servers all have a 192.168.10.x address inside, and they map the external address for us through to the inside.
By default, they are locking everything down. I had to ask them to open ssh so I could remote into my CentOS box last night.
I'm not a network guru-- what ports are going to NEED to be opened so I can give them a list? This is a standard PLESK hosting server so http (80), https, ssh, ftp, pop3, smtp, what else? Anyone have a list?
I have used a tool called Net Tools to scan ports on my various servers to determine ports are open in the firewall through my host.
For around a decade, this tool has been accurate to determine what ports are open/closed.
I have used this tool to accurately find issues with the firewall with current host (dedicated server). The network admin says that net tools should not be trusted and even though the software claims the ports are open, they are not open.
I explained that less than a month ago, this software reflected that these ports should closed were reflected accurately as closed by scanning the ports.
Partial results:
Code: Address Scanned: xx.xx.xx.xx
Scan Started at 10/27/2007 2:08:00 PM Scan Finished at 10/27/2007 2:18:03 PM
Ports Scanned: 1 To 4000
Total Ports Found Open: 3794
Current Ports Found Open: Port: 00004 Port: 00005 Port: 00009 Port: 00026 Port: 00044 Port: 00076 Port: 00083 Port: 00088 ... What are the ABSOLUTE best tools/ways that I can confirm that the ports are truly not accessible?
I have just installed APF and it seems to be running great.
I then installed NMAP and did a "nmap -sT -O localhost" but this lists lots of ports that I have shut down in APF and I am thinking it is testing the open ports before the firewall because the list of open ports is the same if the firewall is disabled or running.
Am I doing somthing wrong? Is there another way to test which ports I have open with APF running?
Can anyone recommend a hosting provider (No GoDaddy please) that provides me outbound access to port 3306 and 1221 and is reasonably priced?
I understand that many hosting providers who provide dedicated or virtual servers can give me this option but I only have one website that needs these specifications and that's not worth $60 a month.
I am currently in the throws of configuring a new dedicated "Windows Web Server 2008 / IIS7 / Plesk" server. As part of the setup I have obviously made sure the firewall is correctly setup. After doing this I have run a remote port scan (from my internet connected PC) to the IP address of the server. This has brought up two ports that should be blocked:
5190 1863
I can open a remote telnet session to both these ports, however if I remote desktop to the server and attempt a telnet connection both ports fail to respond.
Does anybody know what these ports are?
If it helps at all, the firewall surrounding the server is an external Cisco device
I have used the patch : [URL] .... to disable ssl v3.
After I applied the patch getting error below when i try to send email via horde webmail:
There was an error sending your message: Could not open secure TLS connection to the server.
Roundcube can send mails well but horde not. Otherwise since applied the parch i can't get mails from gmail and maybe other providers i don't know yet.
I have a SSL certificate for my website. I add the certificate to plesk and now I want use the certificate for diffrent ports.If I run only apache without plesk I need to add the ports to the apache conf where it listening too.At the moment apache listen only on port 844. But I want add 8443 too, how I do it in plesk?
From some reasons, plesk is blocking incoming 25 port (in plesk shows opened, but it's not)My emails are delivered trough port 25, after doing some tests ( i've sent some emails to an email account hosted in the server) there was no email in the roundcube inbox! All emails were blocked...
a) Firewall was blocking the port 25 on server restart. b) I have succesfully unblocked it from plesk manager -> tools -> edit/change -> even if i didn't change anything, i saved the "changes" and in my roundcube inbox i recived all the test emails. c) In /var/log/maillog there is no error.
2. Passive FTP gets blocked in the same way, to successfully connect FireFTP on passive mode i need to repeat 1.b steps even if i've created a special rule to prevent the blocking, opening 49152-65534 ports and set PassivePorts 49152 65534 in /etc/proftpd.conf
The issue appears randomly, because in the last 5 days i didn“t restart the server, the last time i checked it worked. Today, without touching anything, firewall blocked my passive FTP and I had probmels reciving emails from gmail, yahoo etc...
I have the web pro edition panel 12 on centos 6.5 64bit, and i have made some custom firewall rules in order to be able to run a teamspeak server. The problem is that the firewall randomly blocks the teamspeak port and keeps it blocked unless i restart the firewall.
Do SMTP servers by default use port 25 for receiving mail from another SMTP server? Are there any other receiving ports an SMTP server would be listening on by default?
My question is, a server I will be setting up is going to be behind a firewall that blocks outgoing connections *to* port 25. Is there going to be any way around this that is workable besides opening the port?
spec are: Intel . 2,4 GHz 80 GB of HDD disk 1GB MB of RAM Traffic-Unlimited 100Mbit Switch Port Windows web os
from hosting-ie yes i know the bad reviews but i got my server in 2days
now i saw a good deal that for 12 euros extra get 2 * 100mbit so i upgraded to a 2 * 100mbit connection as the server would be used to let members from my forum download music / music videos [remixed] made by me and my other producer so 200mbit server will do nicely for my site
now when i got it it shows me two network connections each saying 100mbit
but only one of the connections is being used and the other is not in use
is there a way that i can use both at the same time or maybe use one for http/ftp and one just for ther server itslef
I created a (dv) account with Media Temple and my starting domain name becomes my name servers... Now they setup on there DNS server a reverse lookup for mydomain.com, but not for any of the domain names which go under it.
They won't setup a reverse lookup for any of your sub domains, unless they have a dedicated IP address, which costs $1.00 per month per IP address.
So what this means is say one of your sub-domains sends an email to myclient.com and it so happens that myclient.com like many other domains does a reverse lookup on incoming emails to verify its not spam, but since the reverse lookup doesn't exist, your sub domain gets an error message saying the email can't be delivered.
I am new to this and it has been a long weeks of struggle just to get my website live on the internet. I can preview it but i can't Open what is the problem? It also not live on the internet. I waited over six days because i was thingking it was still in the process of propagation but nothing happened.
I tried to open Administration page for my Parallel Plesk Panel, but all the time it's show Loading and nothing happens. It's also not opening on the server trough https://localhost:8443 System redirect me to the address https://localhost:8443/sso/api.php?api=/ui and 10 minutes it's loading...
Seems that the default installation of Bind on Windows plesk 11.x (i don't know if is also for Linux), configure bind by default as open resolver. Then we must fix the problem using this kb:
[URL]
I'm wondering if i'm doing a wrong installation, of this type of installation is by default. In the second case, is there any reason?
I tried to install open-xchange from application vault.
I got the following error message: Fehler: Die Installation von Open-Xchange ist fehlgeschlagen. Non-zero exit status returned by script. Output stream: 'Creating OX context user_30 Not Found Failed to create OX context user_30: Not Found '. Error stream: 'Creating OX context user_30 Not Found Failed to create OX context user_30: Not Found '.
the following properties I made: public ox website: http://ox.mydomain.de ox installation server: myip