All of our Virtual Private Server (VPS) configurations are based on a standard Plesk configuration and build process. As part of this, a number of services are configured and managed by Plesk and many of which have open ports available for remote connections. This does not pose a security threat and is part of a normal hosting environment.

This is to provide services such as:

  • Web
  • FTP
  • Email
  • Server Administration
  • DNS

Specifically, the following ports are open and their purpose are:

21File Transfer Protocol (FTP)Movement of files on and off the server for your website
22Secure Shell Protocol (SSH)Remote administration *Geo-limited to Australia and New Zealand
25Simple Mail Transfer Protocol (SMTP)Sending and receiving of email
53Domain Name Service (DNS)Resolution of domain names to Internet Protocol (IP) addresses
80Hypertext Transfer Protocol (HTTP)Viewing of websites
110Post Office Protocol Version 3 (POP3)Retrieval of email by email clients
143Internet Message Access Protocol (IMAP)Retrieval of email by email clients
443Hypertext Transfer Protocol Secure (HTTPS)Secure viewing of websites
465SMTP over TLS (Transport Layer Security)Secure sending and receiving of email
587SMTPAlternative port to 25
993IMAP over TLSSecure retrieval of email by email clients
995POP3 over TLSSecure retrieval of email by email clients
7080Direct Apache accessOn older servers only
8443Plesk AdministrationRemote access of Plesk via the web UI (HTTPS)
8447Plesk UpdatesOnly accessible when an upgrade has been requested via the GUI
8880Plesk AdministrationRemote access of Plesk via the web UI (HTTP)

All services used above as part of the Conetix platform are regularly updated and run on supported Linux based operating systems. As such, the security threat posed by these unused services remains very minimal based on our automated patch management. We also filter all connections via dedicated, hardware based firewalls to block and limit malicious activity.

Non-standard configuration

If you require these ports to be explicitly closed or limited to certain IP ranges, Conetix can do this as part of a server hardening process. This requires us to analyse and document the services used to determine which ports and services are required. There is therefore a cost to complete this on your behalf. You can request a server lockdown by completing the server lockdown form.

Was this article helpful?

Related Articles