Which ports should be open in firewall on a Plesk server

Follow

Comments

14 comments

  • Avatar
    feralfruitfreak

    Nginx needs 7080 and 7081.  953 needs to be opened for the DNS server (named).  12443 may also be needed, "Parallels Customer and Business Manager payment gateways".

    0
    Comment actions Permalink
  • Avatar
    Lev Iurev

    Hi @feralfruitfreak, Nginx does not use 7080,7081 ports in Plesk, Apache uses it internally. Customer and Business Manager is not longer supported by Plesk.

    0
    Comment actions Permalink
  • Avatar
    Reiser (Edited )

    I made a script to open all required ports on Centos firewall fast:

    https://github.com/Reiser89/plesk-centos-firewall-opener

    2
    Comment actions Permalink
  • Avatar
    Ivan Postnikov

    @Reiser

    Hi!

    Thank you for the script!

    Other Pleskians may find it useful =)

    0
    Comment actions Permalink
  • Avatar
    GravuTrad (Edited )

    ./fwplesk.sh: ligne7: Erreur de syntaxe près du symbole inattendu « newline »
    ./fwplesk.sh: ligne7: `<!DOCTYPE html>'

    syntax error signalized

    0
    Comment actions Permalink
  • Avatar
    Maxim Krasikov

    Hello @GravuTrad,

    Please contact the script developer as it is not created by Plesk:
    https://github.com/Reiser89/plesk-centos-firewall-opener

    0
    Comment actions Permalink
  • Avatar
    Mario

    Hi, 

    The Plesk Firewall extension does not show port numbers: 

    Any possibilities of adding a column with the port number?

    Regards

    0
    Comment actions Permalink
  • Avatar
    Daria Gavrilova

    Hello @Mario,

    Thank you for your input!

    The feature that you have reported is yet to be implemented in Plesk, thus I can suggest you take part in our product improvement by referring to the following link: Feature Suggestions

    The top-ranked suggestions are likely to be included in the next versions of Plesk.

    0
    Comment actions Permalink
  • Avatar
    Bernadette Y Yu (Edited )

    When setting up a firewall on Digital Ocean, for my Plesk droplet, should I include these ports for Inbound Rules? The default is to only accept inbound connections on port 22 for SSH. Otherwise, should I deny access to all of these ports from everyone but my own IP on my Plesk firewall?

    0
    Comment actions Permalink
  • Avatar
    Ekaterina Babenko

    Hello,

    The ports should be opened in any internal/external firewalls. If DigitalOcean filters these ports, they are required to be configured on their side also. 

    0
    Comment actions Permalink
  • Avatar
    Laurence Cope (Edited )

    Hi. We close all unnecessary ports for security reasons. We then have the CSF firewall to only allow access to 80 and 443 for websites. We would then need to allow any necessary ports Plesk uses, for example, does it connect through another port for updates? I assume #5224 is necessary for license updates, so any others needed? Most of the list above are not necessary ports, as Plesk on its own does not need FTP, Email etc etc. to operate. 

    So does anyone know what the actual necessary ports are for Plesk to work? So assume you only have Plesk and no other service... are there any other necessary ports? 

    Thanks

    0
    Comment actions Permalink
  • Avatar
    infra

    You should also add port 8080 for node applications

    0
    Comment actions Permalink
  • Avatar
    Francisco Garcia

    Hi Laurence Cope,

    If you only have Plesk, then you must have at least the next ports:

    #8443 plesk-https (TCP)
    #8447 autoinstaller (TCP)
    #8880 plesk-http (TCP)

    Other ports are for services (SSH, FTP, DNS, Mail, DB, etc...), or to run a Plesk Migration as stated in after the port number.

    Hi infra,

    Such port is not listed since the Node Application runs through web service (80, 443), thus if the app you're running works on a specific port (due to programming) it is an application-specific port that has to be open by the administrator of the server. Like for example direct access to Apache (when Proxy Mode enabled) on port 7080 or 7081, not required because by default works through Nginx on 80/443 ports.

    1
    Comment actions Permalink
  • Avatar
    Laurence Cope

    Thanks Francisco, exactly what's needed to know!  

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request