Which ports can be removed from /etc/csf/csf.conf ?

Portal Home > Knowledgebase > Articles Database > Which ports can be removed from /etc/csf/csf.conf ?

Posted by Jacob2011, 08-11-2015, 10:14 AM
The SSH port have been changed by default, however port 21 is still enable in /etc/csf/csf.conf, can I remove it entirely( from TCP_IN, TCP_OUT, UDP_IN, UDP_OUT )? There're still over 20 ports opened there, on another server with no cPanel, DNS and database server installed, there are only 5 ports enabled. Thanks a lot.
Posted by Andei, 08-11-2015, 10:26 AM
Port 21 is for FTP, so if you're not using FTP you can remove this port from csf. This goes for any other ports which are specific to services that you are not using, ie: you can remove 3306 if you're not planning on using remote mysql, and so on.
Posted by Srv24x7, 08-13-2015, 09:56 AM
Hi, If you dont have to use FTP, you can surely remove them from the incoming and outgoing TCP/UDP port settings. FTP uses both 20 and 21 port, so you can remove it too. --------- --------- ftp-data 20/tcp ftp 21/tcp --------- --------- Make sure you keep the ports that are necessary. For example, if it is a webserver then 80 and 443 is necessary and so on. SSH port should also be enabled either 22 or whatever you want, otherwise, you may find difficulty using SSH.
Posted by EthernetServers, 08-13-2015, 10:16 AM
Your best option would be to make a list of the ports, and go through them one-by-one to see which you do and do not need. https://en.wikipedia.org/wiki/List_o...ll-known_ports
Posted by NixUser, 08-13-2015, 10:21 AM
Remove the ports that are not used by any service in your server.

Add to Favourites Print this Article