Cpanel Ports --> firewall

Nadeem · Aug 16, 2002

Cpanel Ports --> firewall

hi, i'm going to install a firewall (PMFirewall) on my server (redhat 7.2)
and i need to know what Ports do i have to leave Open?

till now i will just open this ports:
[quote:08111cffa2]
21 ---& FTP ---& TCP
22 ---& SSH ---& TCP
25 ---& SMTP ---& TCP
53 ---& DNS ---& TCP & UDP
80 ---& HTTP ---& TCP
110 ---& POP3 ---& TCP
143 ---& IMAP ---& TCP
443 ---& HTTPs ---& TCP
993 ---& sIMAP ---& TCP
995 ---& sPOP3 ---& TCP
2082 ---& Cpanel ---& TCP
2086 ---& WHM ---& TCP
2095 ---& WebMail ---& TCP
3306 ---& MySQL ---& TCP
7786 ---& Ichange ---& TCP
6666 ---& Melange ---& TCP
[/quote:08111cffa2]

A - is there any ports i did'nt add? and what about Cpanel update, dose it use particular port?

=================================

what about the ports (1,2083,2084,2087,111,2096,456) that i see open on my `netstat -an` ex:

[quote:08111cffa2]
tcp 0 0 0.0.0.0:1 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2083 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2084 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2087 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2096 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN
[/quote:08111cffa2]

B - do i have to open any ot them on the firewall?

=================================

Thank you
Nadeem

haze · Aug 16, 2002

3 that you missed:

2083 ---& secure Cpanel
2087 ---& secure WHM
2096 ---& secure WebMail

There could be more.. but I noticed these.

awsol · Aug 16, 2002

Hey Nick can you throw us a full list of ports we should leave open.

feanor · Aug 17, 2002

It's 2080 through 2099

when we've ranted back and forth at each other, bdraco has spawned that range as &leave those open and you'll be fine& -ish

Good luck.

jumpdomain · Aug 18, 2002

If you are also firewalling off outbound traffic, which I would recommend, you need to make sure and leave Rsync open otherwise, CPanel will not update correctly. That is along with the other usual ports...

jsteel · Sep 11, 2002

Why is port 3000 running 'ppp'? I also notice 3001 open on my box running 'nessusd'.

Thanks,
Jaz

feanor · Sep 11, 2002

Those aren't normal for a cpanel box, nor are they cpanel instilled....

I just did some checking around, and 3000/3001 are definitely not normal. 3306 (mysql) is the only common tcp port in the 3,000 range for a cpanel box.
Default configuration wise, that is.

Thread starter	Similar threads	Forum	Replies	Date
J	TLS 1.2 Poodle Vulnerability for WHM and Cpanel Ports	Security	3	Jun 23, 2020
L	cPanel Webdisk Reports SSL is Invalid or Self-Signed, Which is Totally Not True	Security	8	Oct 15, 2019
R	Open Ports for cPanel on Google Cloud VPS?	Security	5	May 18, 2018
W	Setting up cPanel ports issue	Security	11	Mar 20, 2018
K	Does cPanel hardened kernel supports centOS 7 64bit	Security	5	Aug 22, 2017

Search

Search

Cpanel Ports --> firewall

Nadeem

Member

haze

Well-Known Member

awsol

cPanel Test Bitch

feanor

Well-Known Member

jumpdomain

Well-Known Member

jsteel

Well-Known Member

feanor

Well-Known Member