Reasons for rdate port (37) and ident port (113) to be left open?
In the "How to Configure Your Firewall for cPanel & WHM Services" documentation [1], it is stated that ports 37/tcp/outbound (rdate) and 113/tcp/outbound (ident) should be left open. However, no reasons are given. Both of these are rather outdated protocols. Can we get confirmation that they are still really required, and if so why?
Thanks.
[1]
-
Hey there! rdate is still used by the nightly update service and the WHM >> Server Time page. 113 is there as a "just in case" protocol for tools that may need it, but I'm not finding much on my end in cPanel that uses it. I blocked that port for outbound traffic in the firewall on my personal machine, and I did not get any errors when running a "/scripts/upcp --force" so it is at least not necessary for the cPanel update. It's possible an ident callout gets made in another area of the software, but I wasn't able to track down much information on that. I would say feel free to block 113 and see if anything out of the ordinary happens. I'm going to leave it blocked on my server as well and I'll report back if any odd behavior comes up that is related to that. 0 -
Thanks, I will try blocking port 113 as well. 0
Please sign in to leave a comment.
Comments
2 comments