How to enable firewall ports in ISPConfig

In the opening of ports for ISPConfig it is necessary that our firewall is active, so we access our server and take the privileges of the root user.

List of ISPConfig ports

20 -   TCP-UDP     I/O-I/O               FTP         File transfers (data port)
21 -   TCP-UDP     I/O-I/O               FTP         File transfers (control port)
22 -   TCP                 I/O     SSH        ssh, scp copy, sftp
25 -   TCP                 I/O     SMTP    Outgoing email
53 -   TCP-UDP       I/O-I/O             DNS      Inbound is only needed if you run public DNS server
80  -  TCP                 I/O     HTTP      Web server
110 -  TCP                I/O     POP3     Incoming email
143 -  TCP                I          IMAP4  Incoming email
443 -  TCP                I/O     HTTPS   Web server SSL
993 -  TCP                I          IMAP4   Incoming email SSL
995 -  TCP                I          POP3     Incoming email SSL
3306 - TCP               I   MySQL Database server
8080 - TCP               I   ISPConfig web interface
8081-  TCP               I   ISPConfig apps vhost

Other ports

40110-40210 - TCP-UDP I/O-I/O PURE-FTP            File transfers (control port)

1. We can check the status of our firewall with the following command.

# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Wed 2020-07-22 18:20:17 BST; 17h ago
Docs: man:firewalld(1)
Main PID: 1015 (code=exited, status=0/SUCCESS)

2. Once it has been verified that our firewall is active we can execute the following list of the ports required by ISPConfig.

firewall-cmd --zone=public --add-port=20/tcp --permanent
firewall-cmd --zone=public --add-port=21/tcp --permanent
firewall-cmd --zone=public --add-port=22/tcp --permanent
firewall-cmd --zone=public --add-port=25/tcp --permanent
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --zone=public --add-port=53/tcp --permanent
firewall-cmd --zone=public --add-port=110/tcp --permanent
firewall-cmd --zone=public --add-port=143/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
firewall-cmd --zone=public --add-port=465/tcp --permanent
firewall-cmd --zone=public --add-port=587/tcp --permanent
firewall-cmd --zone=public --add-port=993/tcp --permanent
firewall-cmd --zone=public --add-port=995/tcp --permanent
firewall-cmd --zone=public --add-port=3306/tcp --permanent
firewall-cmd --zone=public --add-port=8999/tcp --permanent
firewall-cmd --zone=public --add-port=8081/tcp --permanent
firewall-cmd --zone=public --add-port=10000/tcp --permanent
firewall-cmd --zone=public --add-port=40110/tcp --permanent
firewall-cmd --zone=public --add-port=40210/tcp --permanent
firewall-cmd --zone=public --add-port=53/udp --permanent
firewall-cmd --zone=public --add-port=3306/udp --permanent
firewall-cmd --zone=public --add-port=8999/udp --permanent
firewall-cmd --zone=public --add-port=40110/udp --permanent
firewall-cmd --zone=public --add-port=40210/udp --permanent
firewall-cmd --zone=public --add-port=2345/tcp --permanent

Note: In the event that your firewall is not active, check the following guide to enable the Linux firewall.

If you have any questions, please feel free to contact Picaraza Domains Ltd support team 24/7/365.
Was this answer helpful?

Related Articles

What is ISPConfig?

  ISPConfig is an Open Source Hosting Control Panel widely used for Linux, under BSD license...

DNS Template ISPConfig

The correct edition of a DNS template in ISPConfig is an essential part for the proper...

ISPConfig automatic installation

Automatic installation of ISPConfig ISPConfig is a very complete website administration...

ISPConfig, how to change the logo

How to change the logo in ISPConfig ISPConfig is a fabulous tool for the administration and...