What ports should be opened for Virtualmin in firewall?  

  RSS

Tharindu
(@tharindu)
Admin
Joined: 4 years  ago
Posts: 144
11/08/2018 10:35 am  

This is a question people ask when configuring firewall for Virtualmin. This is really important on platforms like Amazon Web Services and Google Cloud platform because they have a built-in firewall blocking all connections. You won't be able to access Virtualmin or other services if the specific port used by those services are being blocked by firewall.

If you're configuring firewall for your Virtualmin on unmanaged VPS, EC2 Instance or Google Compute Engine, following are the ports that must be opened,

  • 22 - SSH port
  • 80 - HTTP web access
  • 443 - HTTPS web access
  • 10000 - Virtualmin port

These 4 ports are a good starting point. You can get your server and websites up and running with these ports open. However there are additional ports that other essential services on your server use. I'm listing them below. You can open them all, that's easier but insecure. Because opening a port means opening a door to hackers. These are the optional ports that some services use.

  • 20 - 21 - FTP (Port 22 can be used for this purpose. Read: Uploading files with sFTP)
  • 25 - SMTP (Email)
  • 53 (both tcp and udp) - DNS port (for custom nameservers)
  • 110 - POP3 (Email)
  • 143 - IMAP (Email)
  • 465 - SMTPS (Email)
  • 10001 - 10009 - Webmin RPC
  • 20000 - Usermin

You can optionally choose to open any of these ports on your firewall. But I usually only open 4 ports mentioned above.

This topic was modified 3 months  ago 5 times by Tharindu

Become a vpsfix.com affiliate and earn up to 10% commissions from your referrals


ReplyQuote
adamjedgar
(@adamjedgar)
New Member
Joined: 3 months  ago
Posts: 2
12/08/2018 2:46 am  

This article has an error that non googlecloud users may not be aware of...

 There are a list of mail ports that are permanently blocked on google cloud. You must use a "non standard email port" and a 3rd party mail relay (such as sendgrid).

https://cloud.google.com/compute/docs/tutorials/sending-mail/

This post was modified 3 months  ago by adamjedgar
This post was modified 3 months  ago by Tharindu

Tharindu liked
ReplyQuote
Tharindu
(@tharindu)
Admin
Joined: 4 years  ago
Posts: 144
12/08/2018 7:25 pm  

Thanks for pointing it out @adamjedgar. I didn't know that. I find it surprising that they are blocking port 25. 

Become a vpsfix.com affiliate and earn up to 10% commissions from your referrals


ReplyQuote
adamjedgar
(@adamjedgar)
New Member
Joined: 3 months  ago
Posts: 2
13/08/2018 10:42 am  

yes it is a pain that they are blocking said ports.

I have also just created a new Azure account. I notice that even Microsoft as of November last year have done a similar thing for all new accounts.

Clearly blocking standard mail ports is going to become common place across the industry by major service providers, all clients will need to use mail relay services such as sendgrid.


Tharindu liked
ReplyQuote
Tharindu
(@tharindu)
Admin
Joined: 4 years  ago
Posts: 144
29/09/2018 5:49 pm  

I can confirm that AWS is too blocking port 25 now.

This post was modified 2 months  ago by Tharindu

Become a vpsfix.com affiliate and earn up to 10% commissions from your referrals


ReplyQuote
Share:
Close
  
Working

Please Login or Register