Common Ports Used by ECSs
When adding a security group rule, you must specify the port or port range for communication. When a security group detects an access request, it checks whether the IP address and the port of the device that sends the request are allowed by security group rules. Data communication can be established only when security group rules allow the request.
Table 1 lists the common ports used by ECSs. You can configure security group rules to allow traffic to and from specified ECS ports. For details, see Adding a Security Group Rule. For more information about requirements for Windows, see Service overview and network port requirements for Windows.
|
Protocol |
Port |
Description |
|---|---|---|
|
FTP |
21 |
An FTP port used to upload and download files |
|
SSH |
22 |
An SSH port used to remotely connect to Linux ECSs |
|
Telnet |
23 |
A port used to remotely log in to ECSs using Telnet |
|
SMTP |
25 |
A port of the SMTP server, which is used to send emails For security purposes, TCP port 25 is disabled in the outbound direction by default. For details about how to open the port, see What Do I Do If Outbound Access Through TCP Port 25 Is Restricted? |
|
HTTP |
80 |
A port used to access websites over HTTP |
|
POP3 |
110 |
A port used to receive emails using Post Office Protocol version 3 (POP3) |
|
IMAP |
143 |
A port used to receive emails using Internet Message Access Protocol (IMAP) |
|
HTTPS |
443 |
A port used to access websites over HTTPS |
|
SQL Server |
1433 |
A TCP port of the Microsoft SQL Server for providing services |
|
SQL Server |
1434 |
A UDP port of the Microsoft SQL Server for returning the TCP/IP port number used by the SQL Server |
|
Oracle |
1521 |
Oracle database communications port, which must be enabled on the ECSs where Oracle SQL Server is deployed |
|
MySQL |
3306 |
A port used by MySQL databases to provide services |
|
Windows Server Remote Desktop Services |
3389 |
Windows Server Remote Desktop Services port, which can be used to connect to Windows ECSs |
|
Proxy |
8080 |
Proxy port 8080 used in the WWW proxy service for web browsing. If you use port 8080, you need to add :8080 after the IP address when you visit a website or use a proxy server. After Apache Tomcat is installed, the default service port is 8080. |
|
NetBIOS |
137, 138, and 139 |
NetBIOS is often used for Windows files, printer sharing, and Samba.
|
Some Ports Inaccessible
Symptom: Users in some areas cannot access some ports in the public cloud system.
Analysis: Ports listed in the following table are high-risk ports and are blocked by default.
|
Protocol |
Port |
|---|---|
|
TCP |
42, 135, 137, 138, 139, 444, 445, 593, 1025, 1068, 1434, 3127, 3128, 3129, 3130, 4444, 4789, 5554, 5800, 5900, and 9996 |
|
UDP |
135 to 139, 1026, 1027, 1028, 1068, 1433, 1434, 4789, 5554, and 9996 |
Solution: It is recommended that you use ports not listed in the table for your services.
Last Article: Changing the Security Group of an ECS
Next Article: Network ACL
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.