For some time now I have been trying to get a complete and accurate list of ports needed for cpanel/whm to work. It seems to be impossible for them to come up with it so I am starting it and perhaps some people can jump in and help.
In order to only open the ports needed on a firewall it is imperative to have a complete list and not something that says "open 2080 to 2099".
Here is what I have so far:
port service protocol direction
20 ftp tcp inbound/outbound
21 ftp tcp,udp inbound/outbound
22 ssh tcp inbound
25 smtp tcp inbound/outbound
26 smtp tcp inbound/outbound
(this port is only needed to be open if the option in cpanel to run exim on port 26 is used.)
37 rdate tcp outbound
43 whois tcp outbound
53 DNS tcp/udp inbound/outbound
(inbound is only needed if you run your own public DNS server you)
80 http tcp inbound/outbound
110 pop3 tcp inbound
113 ident tcp outbound
143 imap4 tcp inbound
443 https tcp inbound
465 smtp tls/ssl tcp/udp inbound/outbound
873 rsync tcp/udp outbound
993 imap4 ssl tcp inbound
995 pop3 ssl tcp inbound
2082 cpanel tcp inbound
2083 cpanel ssl tcp inbound
2086 whm tcp inbound/(outbound for DNS cluster)
2087 whm ssl tcp inbound/(outbound for DNS cluster)
2089 cp licence tcp outbound
2095 Webmail tcp inbound
2096 Webmail SSL tcp inbound
3306 mysql tcp (only if you need to connect remotely)
6666 chat tcp inbound
9898 AIM tcp outbound
If anyone has changes or additions please let me know and I will update this.
In order to only open the ports needed on a firewall it is imperative to have a complete list and not something that says "open 2080 to 2099".
Here is what I have so far:
port service protocol direction
20 ftp tcp inbound/outbound
21 ftp tcp,udp inbound/outbound
22 ssh tcp inbound
25 smtp tcp inbound/outbound
26 smtp tcp inbound/outbound
(this port is only needed to be open if the option in cpanel to run exim on port 26 is used.)
37 rdate tcp outbound
43 whois tcp outbound
53 DNS tcp/udp inbound/outbound
(inbound is only needed if you run your own public DNS server you)
80 http tcp inbound/outbound
110 pop3 tcp inbound
113 ident tcp outbound
143 imap4 tcp inbound
443 https tcp inbound
465 smtp tls/ssl tcp/udp inbound/outbound
873 rsync tcp/udp outbound
993 imap4 ssl tcp inbound
995 pop3 ssl tcp inbound
2082 cpanel tcp inbound
2083 cpanel ssl tcp inbound
2086 whm tcp inbound/(outbound for DNS cluster)
2087 whm ssl tcp inbound/(outbound for DNS cluster)
2089 cp licence tcp outbound
2095 Webmail tcp inbound
2096 Webmail SSL tcp inbound
3306 mysql tcp (only if you need to connect remotely)
6666 chat tcp inbound
9898 AIM tcp outbound
If anyone has changes or additions please let me know and I will update this.