I was recently asked how to open ports within the firewall. Since it's been quite a while since I've had to do something like this, I took the time to relearn and write some documentation.

In this tutorial, I'll cover how to open a port on your server and test that it is open. More specifically, we will open port 9090.

Please note! This tutorial assumes you have a VPS Server or a Dedicated Server, that you have root access, and that you know how to connect to your server vis SSH.

Step 1: Check if the port is open already

The first thing we want to do is test using telnet to ensure port 9090 is not already open. Please note that you may need to enable telnet in Windows first.

(The below was ran from cmd.exe in Windows 7)
C:\Users\Brad>telnet yourdomain.com 9090
Connecting To yourdomain.com...Could not open connection to the host, on port 9090:
Connect failed

As you can see, the connection failed.

Step 2: Open the port

To open a port, first open for edit your APF configuration file - /etc/apf/conf.apf:

(The below was ran within PuTTY after connecting vis SSH)
root@vps### [~]# vim /etc/apf/conf.apf

Then, find the following lines and add the port in question:

# Common ingress (inbound) TCP ports
IG_TCP_CPORTS="20,21,25,53,80,110,113,143,443,465,993,995,2049,2077,2078,2082,2083,2086,2087,2089,2095,2096,3306,5222,9090,12001"

# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="53,161,32786,111,2049,9090"

After editing the file and adding the ports, restart APF:

root@vps### [~]# service apf restart

Step 3: Test again to see if the port is open

Now that APF is restarted, we can once again use telnet to test if the port is open:

(The below was ran from cmd.exe in Windows 7)
C:\Users\Brad>telnet yourdomain.com 9090
Connecting To yourdomain.com...
220-vps###.inmotionhosting.com ESMTP Exim 4.80 #2 Fri, 17 May 2013 05:11:39 -0700
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
As you can see, instead of the Connect failed message, we received the greeting from the application running on port 9090. Congratulations, you now know how to open a port on your server using ssh!

Please note! If you do not have any services running on your server listening to the port in question, you won't get a response when you do a telnet test. In the above scenario, we setup exim to listen on port 9090, which is why we received a response.

Did you find this article helpful?

We value your feedback!

Why was this article not helpful? (Check all that apply)
The article is too difficult or too technical to follow.
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
How did you find this article?
Please tell us how we can improve this article:
Email Address
Name

new! - Enter your name and email address above and we will post your feedback in the comments on this page!

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question
n/a Points
2014-11-22 1:35 pm

I can't connect putty it says: "Connection refused" and i don't have any port open on my VPS and i don't know how i do open them?

Staff
20,848 Points
2014-11-24 9:26 am
Hello Stw,

The instructions above will tell you how to open a port, however before you can connect to your VPS via Putty, you need to ensure you have added your IP to the firewall. This is the most common issue when first trying to connect to a VPS.

Kindest Regards,
Scott M
n/a Points
2014-11-28 2:50 pm
my Server work well at first, but then it started to say Network error: Connection refused on PuTTY and WinSCP ports are closed and I can not open them having any access on my server .. I have had this problem for more than 2 weeks.
Staff
10,994 Points
2014-11-28 3:29 pm
Hello Stw,

Thank you for contacting us today. If you are hosted with us, contact Live Support for assistance regaining access to your server.

Alternately, if you have cPanel/WHM available there are plugins available that allow you to make changes from the interface.

Otherwise, you may have to escalate to someone who has access, or can physically login to the server and make changes.

Thank you,
John-Paul

Post a Comment

Name:
Email Address:
Phone Number:
Comment:
Submit

Please note: Your name and comment will be displayed, but we will not show your email address.

4 Questions & Comments

Post a comment

Back to first comment | top

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!