Question
Which ports should be opened in the firewall on a Plesk server?
Answer
Depending on the services running on a Plesk server, the list of ports that need to be opened in the firewall varies.
The ports listed below are the common ports used by Plesk and related services. However, it is important to open only those ports and services that are actually in use and that you wish to expose to the Internet.
Warning: Unnecessary open ports can be a security risk.
Your infrastructure may be equipped with both an internal Plesk firewall installed locally on your server and an external firewall (e.g. operated by your service provider). Therefore, any changes you make should be reflected in both firewalls so that both firewalls can ensure proper communication and security of your server.
Plesk interface uses port 8443 for HTTPS connections and 8880 for HTTP connections.
Other ports that are used by Plesk and related services:
20 - FTP data transfer for active mode (TCP)
21 - FTP (TCP)
22 - SSH (TCP) - Linux only
25 - SMTP (TCP)
53 - DNS (TCP and UDP)
80 - HTTP (TCP)
110 - POP3 (TCP)
123 - NTP (UDP)
143 - IMAP (TCP)
443 - HTTPS (TCP) (mandatory for Plesk licensing server connections)
465 - SMTPS (TCP)
587 - SMTP (Submission) (TCP)
953 - RNDC (TCP)
990 - FTPS (TCP)
993 - IMAPS (TCP)
995 - POP3S (TCP)
1433 - Microsoft SQL (for remote connections) (TCP) - Windows only
3306 - MySQL (for remote connections) (TCP)
3389 - RDP (TCP) - Windows only
5432 - PostgreSQL (TCP) - Linux only
8401 - SQL Admin (TCP) - Windows only
8443 - Plesk HTTPS (TCP)
8447 - Plesk Installer (TCP)
8880 - Plesk HTTP (TCP)
49152-65535 - (TCP) for FTP passive mode - incoming connections only
Additional ports
135, 139, 445 - (TCP) for migration - Windows only
137, 138 - (UPD) for migration - Windows only
10155 - (TCP) for a custom Plesk Migrator service performing miscellaneous tasks - Windows only
10156 - (TCP) for rsync server (migration) - Windows only
49152-65535 - (TCP) for FTP passive mode - incoming connections only
