Nadeem

Member
May 1, 2002
Cpanel Ports --> firewall

Hi, I'm going to install a firewall (PMFirewall) on my server (redhat 7.2)
and I need to know what ports I have to leave open.

Till now I will just open these ports:
21 ---> FTP ---> TCP
22 ---> SSH ---> TCP
25 ---> SMTP ---> TCP
53 ---> DNS ---> TCP & UDP
80 ---> HTTP ---> TCP
110 ---> POP3 ---> TCP
143 ---> IMAP ---> TCP
443 ---> HTTPs ---> TCP
993 ---> sIMAP ---> TCP
995 ---> sPOP3 ---> TCP
2082 ---> Cpanel ---> TCP
2086 ---> WHM ---> TCP
2095 ---> WebMail ---> TCP
3306 ---> MySQL ---> TCP
7786 ---> Ichange ---> TCP
6666 ---> Melange ---> TCP

A - Are there any ports I didn't add? And what about Cpanel update, does it use a particular port?


=================================


What about the ports (1,2083,2084,2087,111,2096,456) that I see open in my `netstat -an`? Ex:

tcp 0 0 0.0.0.0:1 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2083 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2084 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2087 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2096 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN

B - Do I have to open any of them on the firewall?



=================================

Thank you
Nadeem
 

haze

Well-Known Member
Dec 21, 2001
3 that you missed:

2083 ---> secure Cpanel
2087 ---> secure WHM
2096 ---> secure WebMail

There could be more.. but I noticed these.
 

feanor

Well-Known Member
Aug 13, 2001
It's 2080 through 2099

when we've ranted back and forth at each other, bdraco has spawned that range as "leave those open and you'll be fine" -ish

Good luck.

;)
 

jumpdomain

Well-Known Member
Aug 12, 2001
If you are also firewalling off outbound traffic, which I would recommend, you need to make sure to leave Rsync open; otherwise, CPanel will not update correctly. That is along with the other usual ports...
 

feanor

Well-Known Member
Aug 13, 2001
Those aren't normal for a cpanel box, nor are they cpanel instilled....

I just did some checking around, and 3000/3001 are definitely not normal. 3306 (mysql) is the only common tcp port in the 3,000 range for a cpanel box.
Default configuration wise, that is.
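
The comparison this thread does by eye, as an added example that is not part of any post: it diffs the first post's TCP allow list against `netstat -an` output in both directions and ignores listeners bound to loopback, which need no firewall rule. The function names are hypothetical, and the sample lines beyond the seven quoted in the first post are constructed.

```shell
#!/bin/sh
# TCP ports from the allow list in the first post.
ALLOWED_TCP="21 22 25 53 80 110 143 443 993 995 2082 2086 2095 3306 7786 6666"

# Constructed sample of `netstat -an` output: the seven LISTEN lines quoted in
# the thread plus made-up lines (loopback MySQL, UDP, an established session).
sample_netstat() {
cat <<'EOF'
tcp 0 0 0.0.0.0:1 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2083 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2084 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2087 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2096 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN
tcp 0 0 192.0.2.10:22 198.51.100.7:51234 ESTABLISHED
udp 0 0 0.0.0.0:53 0.0.0.0:*
EOF
}

# Read netstat output on stdin; print each TCP port listening on a
# non-loopback address, one per line, sorted and de-duplicated.
listening_tcp_ports() {
  awk '$1 ~ /^tcp/ && $NF == "LISTEN" && $4 !~ /^(127\.|::1:)/ {
         n = split($4, part, ":"); print part[n]
       }' | sort -n -u
}

# Listening ports the allow list ($1) would block: each one is either a
# service to add to the list or a daemon to shut down.
unlisted_ports() {
  allowed=" $1 "
  listening_tcp_ports | while read -r port; do
    case "$allowed" in *" $port "*) ;; *) echo "$port" ;; esac
  done
}

# Allowed ports ($1) with nothing listening on a routable address: rules
# that can be dropped. Netstat output is read from stdin.
unused_allowed_ports() {
  listening=" $(listening_tcp_ports | tr '\n' ' ')"
  for port in $1; do
    case "$listening" in *" $port "*) ;; *) echo "$port" ;; esac
  done
}

echo "listening but not allowed:" $(sample_netstat | unlisted_ports "$ALLOWED_TCP")
echo "allowed but not listening:" $(sample_netstat | unused_allowed_ports "$ALLOWED_TCP")
```

On a live server, pipe `netstat -an` into either function in place of `sample_netstat`.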