The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Services on Cpanel - ports.

Discussion in 'General Discussion' started by cygus, Jul 25, 2007.

  1. cygus

    cygus Active Member

    Joined:
    Jun 18, 2007
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    Hi,

    I have the following services recognized by nmap:

    PORT STATE SERVICE
    21/tcp open ftp
    25/tcp open smtp
    26/tcp open unknown
    53/tcp open domain
    80/tcp open http
    110/tcp open pop3
    143/tcp open imap
    443/tcp open https
    465/tcp open smtps
    783/tcp open spamassassin
    953/tcp open rndc
    993/tcp open imaps
    995/tcp open pop3s
    3306/tcp open mysql

    My question is:

    Why ports: 26, 783 and 3306 are listen on public ip?
    This is required by cpanel config?
     
  2. Tymsah

    Tymsah Well-Known Member

    Joined:
    Apr 6, 2007
    Messages:
    151
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    hi,

    3306 connect to mysql server your home or other application.
     
  3. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,279
    Likes Received:
    36
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator

    783 is Spamassassin (spamd)
    26 is likely an alternative SMTP port on your server (so that people whose ISP blocks their ability to send mail via TCP port 25 cn use TCP port 26 on your server for sending mail).
    3306 is Mysql, as explained by the previous poster

    So for TCP port 26, assuming that is Exim running on another port, it needs to be on a public IP to be useful. For TCP port 3306, it needs to be on a public IP if you want your customers to be able to access mysql from a remote iP. Most of your customers will never access from a remote IP but will set their software on your server to reference 'localhost' - But some will set their mysql apps to use www.theirdomain.com or something and some may have a need to connect to MySQL remotely to manage their MySQL databases. It would be up to you whether you would want to block that ability - but it isn't unusual for it to be on a public IP and you probably should not firewall it until you are sure it will not affect any of your customers.

    Mike
     
  4. cygus

    cygus Active Member

    Joined:
    Jun 18, 2007
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    ok thanks

    I know exactly those ports ... :)

    but I use mysql only local not remote
    and what with spamd port? must be public?
     
    #4 cygus, Jul 31, 2007
    Last edited: Jul 31, 2007
  5. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    I wouldn't allow 3306 externally, no reason to, and it could turn into a big liability if a MySQL exploit turns up.

    Are you running a firewall? If not, you should look at running the CSF firewall and security suite - it will save you a LOT of time and pain. You can install it in about 5 minutes with a few lines copy-and-pasted into a shell window. Get it at www.configserver.com/cp/csf.html.
     
  6. cygus

    cygus Active Member

    Joined:
    Jun 18, 2007
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    ok thx a lot
     
Loading...

Share This Page