RESOLUTION
Ports (Firewall Configuration)
In your firewall settings, open the following ports in both directions and
specify the connection type - tcp or udp or both.
We need that firewall be configured by our customers.
[-]
Pix firewall note
Pix firewall doesn't work correctly with H-Sphere and SiteStudio, because
it doesn't allow servers within one H-Sphere cluster to communicate by external IPs, which is critical
for both products.
| Port | Usage | CP Server | Web Server | Mail Server | DNS Server | MySQL Server | PGSQL Server | Real Server | Windows Server | MS SQL Server | MPS Server | ||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 20 | FTP-DATA | tcp | tcp | ||||||||||
| 21 | FTP | tcp | tcp | ||||||||||
| 22 | SSH* | tcp | tcp | tcp | tcp | tcp | tcp | tcp | |||||
| 25 | SMTP | tcp | tcp | ||||||||||
| 53 | DNS | udp | udp | udp | tcp and udp ** | udp | udp | udp | udp | udp | |||
| 80 | HTTP | tcp | tcp | tcp | tcp | tcp | tcp | tcp | tcp | ||||
| 110 | POP | tcp | |||||||||||
| 143 | IMAP | tcp | |||||||||||
| 144 | IMAP proxy | tcp for local host only | |||||||||||
| 443 | HTTPS | tcp | tcp | tcp | |||||||||
| 465*** | Mail SSL | tcp | |||||||||||
| 587 | submission | tcp | |||||||||||
| 873 | RSYNC | tcp between H-Sphere servers | tcp between H-Sphere servers | tcp between H-Sphere servers | tcp between H-Sphere servers | tcp between H-Sphere servers | tcp between H-Sphere servers | tcp between H-Sphere servers | tcp between H-Sphere servers | tcp between H-Sphere servers | |||
| 953 | RNDC | ||||||||||||
| 993*** | Mail SSL | tcp | |||||||||||
| 995*** | Mail SSL | tcp | |||||||||||
| 1433 | MS SQL | tcp | tcp | ||||||||||
| 1922 | IMAGEMAKER | tcp for localhost only | |||||||||||
| 3306 | MySQL | tcp | tcp | ||||||||||
| 3389 | Terminal Service | tcp | tcp | ||||||||||
| 5432 | Postgres | tcp | tcp | ||||||||||
| 5631 | pcAnywhere | tcp (optional) | tcp (optional) | ||||||||||
| 8007 | Apache JServ (not used in | tcp for localhost only | |||||||||||
| 8009 | Tomcat | tcp | |||||||||||
| 8080 | HTTP | tcp | |||||||||||
| 8443 | SSL | tcp | |||||||||||
| 55000 | OpenSRS | tcp (if used) | |||||||||||
| 10125 | SOAP
SOAP (Simple Object Access Protocol) serves data communication between | tcp between H-Sphere servers | tcp | tcp |
*For those requesting PSoft support, make sure your firewall settings allow
SSH connection to PSoft IPs.
**For highest security, open:
- udp permanently;
- tcp worldwide during H-Sphere installation and post-installation tests;
- tcp between H-Sphere DNS servers permanently.
***Open these ports only if you want to use Mail SSL.
Note: In the above table, all ports should be opened for external connections
unless specified otherwise (for example, "tcp between H-Sphere servers").
DNS Server Notes:
1. Port 953 (rndc) should be open for localhost only if your DNS server is using BIND 9.x.
2. If your DNS server is using BIND 8.x, it can be
upgraded to run with H-Sphere, but old domains would still have to
be managed by hand. Please agree your DNS server upgrade with
our installation team.
* As of now we don't provide support for Reverse DNS configuration.
English
Chinese
French
German
Japanese
Russian
Spanish