The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

What External firewall settings for VPS hosting?

Discussion in 'Security' started by NeilAgg, Dec 14, 2009.

  1. NeilAgg

    NeilAgg Member

    Joined:
    Dec 14, 2009
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Houston, TX
    Hello:

    I am wondering what VPS hosting providers have for their external firewall settings for cPanel VPSs. Right now, I have our external firewall set to block everything except the following:

    Inbound:
    •cPanel https
    •cPanel webmail https
    •DNS
    •FTP
    •HTTP
    •HTTPS
    •ICMP (e.g. Ping)
    •SSH
    •WHM https

    Outbound:
    •DNS
    •HTTP
    •HTTPS
    •NTP
    •SSH
    •SMTP

    Are there any other services I should allow through our external firewall?

    Thanks,
    Neil
     
  2. BianchiDude

    BianchiDude Well-Known Member
    PartnerNOC

    Joined:
    Jul 2, 2005
    Messages:
    619
    Likes Received:
    0
    Trophy Points:
    16
    You would probably want to allow:
    TCP:
    21,22,25,37,43,53,80,443,2087,2089,3306

    UDP:
    20,53
     
  3. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Here are a few that I don't see in the list but that may be desired:
    cPanel WebDisk, 2077
    cPanel WebDisk (SSL), 2078
    POP, 110
    POP (SSL), 995
    IMAP, 143
    IMAP (SSL): 993

    For a more verbose listing I would also reference the following entry in our documentation FAQ: Linux FAQ - Which ports should be open if I'm running my cPanel server behind a firewall?
     
  4. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Check out /etc/services on your server for a list of possible services

    (not all of these are actually enabled or in use but gives you an idea)
     
Loading...

Share This Page