Overview
All of our Virtual Private Server (VPS) configurations are based on a standard Plesk configuration and build process. As part of this, a number of services are configured and managed by Plesk and many of which have open ports available for remote connections. This does not pose a security threat and is part of a normal hosting environment.
This is to provide services such as:
- Web
- FTP
- Server Administration
- DNS
Specifically, the following ports are open and their purpose are:
Port | Service | Usage |
---|---|---|
21 | File Transfer Protocol (FTP) | Movement of files on and off the server for your website |
22 | Secure Shell Protocol (SSH) | Remote administration *Geo-limited to Australia and New Zealand |
25 | Simple Mail Transfer Protocol (SMTP) | Sending and receiving of email |
53 | Domain Name Service (DNS) | Resolution of domain names to Internet Protocol (IP) addresses |
80 | Hypertext Transfer Protocol (HTTP) | Viewing of websites |
110 | Post Office Protocol Version 3 (POP3) | Retrieval of email by email clients |
143 | Internet Message Access Protocol (IMAP) | Retrieval of email by email clients |
443 | Hypertext Transfer Protocol Secure (HTTPS) | Secure viewing of websites |
465 | SMTP over TLS (Transport Layer Security) | Secure sending and receiving of email |
587 | SMTP | Alternative port to 25 |
993 | IMAP over TLS | Secure retrieval of email by email clients |
995 | POP3 over TLS | Secure retrieval of email by email clients |
7080 | Direct Apache access | On older servers only |
8443 | Plesk Administration | Remote access of Plesk via the web UI (HTTPS) |
8447 | Plesk Updates | Only accessible when an upgrade has been requested via the GUI |
8880 | Plesk Administration | Remote access of Plesk via the web UI (HTTP) |
All services used above as part of the Conetix platform are regularly updated and run on supported Linux based operating systems. As such, the security threat posed by these unused services remains very minimal based on our automated patch management. We also filter all connections via dedicated, hardware based firewalls to block and limit malicious activity.
Non-standard configuration
If you require these ports to be explicitly closed or limited to certain IP ranges, Conetix can do this as part of a server hardening process. This requires us to analyse and document the services used to determine which ports and services are required. There is therefore a cost to complete this on your behalf. You can request a server lockdown by completing the server lockdown form.