Network Security & Port Filtering
Port restrictions policy
To ensure the highest level of security and performance for your services, we use default port protection. This prevents unauthorized use and keeps our IP ranges in excellent standing, so your projects always run smoothly in a safe and reputable digital environment.
Blocked Ports by Default:
- Email Services: 25, 465, 587, 2525
- Directory & Management: 389, 53413
- Remote Desktop (RDP): 3389 (Linux VPS only)
Port 3389 (RDP) remains open on Windows VPS instances to allow you to manage your server via Remote Desktop.
How to Request Unblocking
If your project requires one of these ports, we are happy to review your case. To request an unblock, please contact our support team with the following information:
- Purpose: A brief description of why these ports are needed for your specific use case.
- Project Details: A link to your website or a summary of the software/services you plan to run.
Our Review Process
Each request is evaluated individually. To help us process your request quickly, please ensure your explanation is as clear as possible. We may ask for additional details or keep the restrictions in place if the security necessity or use case remains unclear. This process helps us keep our network clean and reliable for all our customers.
Understanding Our Port Policy
To help you better understand our security measures, here is a brief breakdown of why specific ports are filtered by default. Our goal is to protect your project’s reputation and ensure the overall stability of our network.
Email Services (Ports: 25, 465, 587, 2525)
Reason: Spam Prevention & IP Reputation.
The primary reason for restricting these ports is to prevent outbound spam. If a single server in our network is compromised and starts sending spam, it can lead to our entire IP range being blacklisted by major providers like Gmail or Outlook. By managing these ports, we ensure that your IP address maintains a high deliverability rate and stays off global blacklists.
Directory & Management (Ports: 389, 53413)
Reason: DDoS Mitigation & Data Integrity.
Port 389 (LDAP): This port is frequently exploited for "UDP Amplification" attacks, where attackers use your server to launch massive DDoS attacks against third parties. It can also expose sensitive directory information if not properly secured.
Port 53413: This is a non-standard port often targeted by malicious scanners looking for specific software vulnerabilities. Closing it by default reduces the "attack surface" of your server, making it less visible to automated hacking bots.
Remote Desktop / RDP (Port: 3389 – Linux Only)
Reason: Brute-Force Protection.
Since Linux servers are managed via SSH (typically on port 22), leaving the Windows RDP port (3389) open on a Linux instance is an unnecessary security risk. It attracts automated bots that attempt "brute-force" attacks to guess passwords.
