Skip to main content

CSF TCP Ports

SaltedDog
Hi Guys, We are having some high load issues on our servers - and our server admin is not reachable. Whilst I was looking over some settings I noticed the below ports in CSF: Allow outgoing TCP ports 20,21,212,25,26,53,80,110,143,443,465,587,993,995,1167,1194,2077,2078,2082,2083,2086,2087,2095,2096,2195,3128,3032,7777,10050,30000:30500,2795,49152:65534 Allow outgoing TCP ports 20,21,22,25,26,37,43,53,80,110,113,143,212,443,465,587,873,993,995,1167,2083,2086,2087,2089,2703,2929,3306,3307,8010:8050,8083,10050,45667 I know port access can vary - but can anybody flag anything that we potentially should remove from the above?

Comments

3 comments

Date Votes
  • cPanelWilliam
    Hello! There are several ports from the list you provided which do not appear to be used for cPanel/WHM services. You can consider removing the ports that aren't listed in the following article, however, I would recommend ensuring the ports aren't being used by another service before blocking them:
    0
  • ITHKBO
    I would advise if you still have access to the back-end to make use of the statistic displays that ConfigServer Firewall has build in to reduce potential culprits before closing any ports. Home >> Plugins >> ConfigServer Security & Firewall >> View lfd Statistics Than check the pie chart of "Block triggers in the last 28 days" for any abnormalities. You are also able to see load average and other statistics one page back under "View System Statistics" If you see any abnormalities with regards to the triggers and network traffic take a look at the page "View Listening Ports" to further audit the situation. With regards to the mentioned ports I assume the first entry is inbound instead of outbound? I am seeing the following ports that we personally do not use or recognize. Keep in mind that the following information is a guess on there function based on feedback of the site speedguide community. Always export your current configuration and verify where possible any function of any port before closing it. Also make sure to read the knowledge base provided by William to understand the port usage for the other ones in your list as I am seeing several you *might* not actually need. Example 2195 Apple Push Notifications APNs Inbound:TCP 212 Port 1167 (tcp/udp) 1194 Port 2795 (tcp/udp) 3128 Port 3032 (tcp/udp) 7777 Port 10050 (tcp/udp) Outbound: TCP 212 Port 1167 (tcp/udp) 2929 Port 3307 (tcp/udp) 8010:8050 (Can't find any information with regards to such a specific range, might want to check Port 8083 (tcp/udp) 10050
    0
  • SaltedDog
    Thanks for the info guys - I shall take a closer look.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post