Which ports do I need to open on AWS Lightsail?

Hello all,

I have a box that is running very well, and I followed one of the instructions on YouTube to install MIAB with AWS Lightsail. However, when I checked the log, I noticed that lots of different strange IPs had tried to access my server.

I also checked this post about which ports I need to open.

My question is about the ports and FIREWALL.

  • Based on the YouTube guide: we will open all TCP & UDP ports from 0 - 65,535.
  • Based on the ports-to-open post: we will open ports 22, 25, 53, 80, 443, 993, 995, 4190 for TCP only.

So I tried to allow only those ports above. Unfortunately, after I did that, my MIAB server could not run anymore. Then I had to reopen all the ports for both TCP and UDP.

Could someone please guide me on which ports should be open for safety and security?

Thank you so much
Cheers,
Quang

@quangmai911

This is the output of ufw status for my MiaB server.
(I have only shown ipv4, ipv6 uses the same exact ports)

80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
22/tcp ALLOW Anywhere
53 ALLOW Anywhere
25/tcp ALLOW Anywhere
587/tcp ALLOW Anywhere
993/tcp ALLOW Anywhere
995/tcp ALLOW Anywhere
4190/tcp ALLOW Anywhere

Port 53 is opened to both protocols. This is your culprit. And you also missed port 587.

You stated that you are seeing a lot of attempts to access your server in the logs … many sysadmins will change the default ssh port (22) to a non-standard port. The reasoning for this is that most bots will simply move on to a different IP if port 22 is closed.
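
An added example, not part of the original thread: a shell check that compares a rule list against the ports in the `ufw status` output above and reports what is missing or extra. `audit_rules` and the two sample functions are hypothetical names, and Lightsail firewall rules would have to be written out in the same `port/proto ALLOW source` form to be checked this way.

```shell
#!/bin/sh
# Added example: audit a firewall rule list against the ports in the answer's `ufw status`.
# REQUIRED is copied from that output; the bare "53" rule there covers TCP and UDP.
REQUIRED="22/tcp 25/tcp 53/tcp 53/udp 80/tcp 443/tcp 587/tcp 993/tcp 995/tcp 4190/tcp"

# audit_rules (hypothetical helper): reads IPv4 `ufw status`-style lines on stdin,
# "<port>[/proto] ALLOW <source>", and prints one line per finding:
#   MISSING <port/proto>  required rule that is not allowed
#   EXTRA <port/proto>    allowed rule that is not in REQUIRED
audit_rules() {
    awk -v required="$REQUIRED" '
        BEGIN { n = split(required, req, " "); for (i = 1; i <= n; i++) want[req[i]] = 1 }
        $2 == "ALLOW" && $1 ~ /^[0-9]+$/ {            # no protocol: TCP and UDP
            have[$1 "/tcp"] = 1; have[$1 "/udp"] = 1
        }
        $2 == "ALLOW" && $1 ~ /^[0-9]+\/(tcp|udp)$/ { have[$1] = 1 }
        END {
            for (i = 1; i <= n; i++) if (!(req[i] in have)) print "MISSING", req[i]
            for (r in have) if (!(r in want)) print "EXTRA", r
        }' | sort -k1,1 -k2,2n
}

# Constructed sample: the TCP-only list from the question, written as ufw-style lines.
question_rules() {
    for p in 22 25 53 80 443 993 995 4190; do
        printf '%s/tcp ALLOW Anywhere\n' "$p"
    done
}

# Constructed sample: the rule set shown in the answer.
answer_rules() {
    printf '%s ALLOW Anywhere\n' 80/tcp 443/tcp 22/tcp 53 25/tcp 587/tcp 993/tcp 995/tcp 4190/tcp
}

echo "Question's rule set:"; question_rules | audit_rules
echo "Answer's rule set:";   answer_rules | audit_rules
```

Header lines and `(v6)` entries in real `ufw status` output are skipped, so only the IPv4 rules are audited.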

Thanks so much @alento. What you pointed out solved my problem. Now everything is running smoothly. Yay!

SPOT ON!!! 😍😘🤩🥰