Ports (Firewall Configuration)
In your firewall settings, open the following ports in both directions and
specify the connection type - tcp or udp or both.
We need that firewall be configured by our customers.
|Port||Usage||CP Server||Web Server||Mail Server||DNS Server||MySQL Server||PGSQL Server||Real Server||Windows Server||MS SQL Server||MPS Server|
|53||DNS||udp||udp||udp||tcp and udp **||udp||udp||udp||udp||udp|
|144||IMAP proxy||tcp for local host only|
|873||RSYNC||tcp between H-Sphere servers||tcp between H-Sphere servers||tcp between H-Sphere servers||tcp between H-Sphere servers||tcp between H-Sphere servers||tcp between H-Sphere servers||tcp between H-Sphere servers||tcp between H-Sphere servers||tcp between H-Sphere servers|
|953||RNDC||tcp and udp**|
|1922||IMAGEMAKER||tcp for localhost only|
|5631||pcAnywhere||tcp (optional)||tcp (optional)|
|8007||Apache JServ (not used in HS 2.4 and up)||tcp for localhost only|
|55000||OpenSRS||tcp (if used)|
SOAP (Simple Object Access Protocol) serves data communication between Control panel and Windows servers.
|tcp between H-Sphere servers||tcp||tcp|
*For those requesting PSoft support, make sure your firewall settings allow SSH connection to PSoft IPs.
**For highest security, open:
- udp permanently;
- tcp worldwide during H-Sphere installation and post-installation tests;
- tcp between H-Sphere DNS servers permanently.
***Open these ports only if you want to use Mail SSL.
Note: In the above table, all ports should be opened for external connections unless specified otherwise (for example, "tcp between H-Sphere servers").
DNS Server Notes:
1. Port 953 (rndc) should be open for localhost only if your DNS server is using BIND 9.x.
2. If your DNS server is using BIND 8.x, it can be
upgraded to run with H-Sphere, but old domains would still have to
be managed by hand. Please agree your DNS server upgrade with
our installation team.
* As of now we don't provide support for Reverse DNS configuration.