How to open a port in your firewall
I was recently asked how to open ports within the firewall. Since it's been quite a while since I've had to do something like this, I took the time to relearn and write some documentation.
In this tutorial, I'll cover how to open a port on your server and test that it is open. More specifically, we will open port 9090.
Step 1: Check if the port is open already
(The below was ran from cmd.exe in Windows 7) C:\Users\Brad>telnet yourdomain.com 9090 Connecting To yourdomain.com...Could not open connection to the host, on port 9090: Connect failed
As you can see, the connection failed.
Step 2: Open the portTo open a port, first open for edit your APF configuration file - /etc/apf/conf.apf:
(The below was ran within PuTTY after connecting vis SSH) root@vps### [~]# vim /etc/apf/conf.apf
Then, find the following lines and add the port in question:
# Common ingress (inbound) TCP ports IG_TCP_CPORTS="20,21,25,53,80,110,113,143,443,465,993,995,2049,2077,2078,2082,2083,2086,2087,2089,2095,2096,3306,5222,9090,12001" # Common ingress (inbound) UDP ports IG_UDP_CPORTS="53,161,32786,111,2049,9090"
After editing the file and adding the ports, restart APF:
root@vps### [~]# service apf restart
Step 3: Test again to see if the port is open
Now that APF is restarted, we can once again use telnet to test if the port is open:
(The below was ran from cmd.exe in Windows 7) C:\Users\Brad>telnet yourdomain.com 9090 Connecting To yourdomain.com... 220-vps###.inmotionhosting.com ESMTP Exim 4.80 #2 Fri, 17 May 2013 05:11:39 -0700 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail.As you can see, instead of the Connect failed message, we received the greeting from the application running on port 9090. Congratulations, you now know how to open a port on your server using ssh!
Please note! If you do not have any services running on your server listening to the port in question, you won't get a response when you do a telnet test. In the above scenario, we setup exim to listen on port 9090, which is why we received a response.
We value your feedback!
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
new! - Enter your name and email address above and we will post your feedback in the comments on this page!
2014-11-22 1:35 pm
I can't connect putty it says: "Connection refused" and i don't have any port open on my VPS and i don't know how i do open them?
2014-11-24 9:26 am
The instructions above will tell you how to open a port, however before you can connect to your VPS via Putty, you need to ensure you have added your IP to the firewall. This is the most common issue when first trying to connect to a VPS.
2014-11-28 2:50 pm
my Server work well at first, but then it started to say Network error: Connection refused on PuTTY and WinSCP ports are closed and I can not open them having any access on my server .. I have had this problem for more than 2 weeks.
2014-11-28 3:29 pm
Thank you for contacting us today. If you are hosted with us, contact Live Support for assistance regaining access to your server.
Alternately, if you have cPanel/WHM available there are plugins available that allow you to make changes from the interface.
Otherwise, you may have to escalate to someone who has access, or can physically login to the server and make changes.