Server Service Ports
The following services are available for all managed servers with the Plesk Control Panel. Please note that services marked as "optional" are not automatically running on your managed server and must be installed manually.
Administrative Services
| Service | Protocol | Port(s) |
|---|---|---|
| SSH / SFTP | TCP | 22 |
| FTP (Active) | TCP | 21, 20 |
| FTP (Passive) | TCP | 21, 49152 - 65535 |
| Plesk Control Panel | TCP | 8443, 8447 |
Email Access
| Service | Protocol | Port(s) |
|---|---|---|
| POP3 (SSL / TLS) | TCP | 995 |
| IMAP (SSL / TLS) | TCP | 993 |
| SMTP (SSL / TLS) | TCP | 465 |
| SMTP (STARTTLS) | TCP | 587 |
Web Server
| Service | Protocol | Port(s) |
|---|---|---|
| nginx (HTTP) | TCP | 80 |
| nginx (HTTPS) | TCP | 443 |
| Apache2 (HTTP) | TCP | 7080 |
| Apache2 (HTTPS) | TCP | 7081 |
Databases
| Service | Protocol | Port(s) |
|---|---|---|
| MySQL | TCP | 3306 |
| MSSQL (Optional) | TCP | 1433 |
| PostgreSQL (Optional) | TCP | 5432 |
Cloud Firewall
To enable access to one or more of the services listed above, they must be explicitly allowed in the cloud firewall for global access. For more information about the Cloud Firewall and the associated firewall rules, see the article Firewall Rules.
Opening ports globally may pose a security risk. If access is intended exclusively for a specific source, the firewall rule should be restricted to a source network or a source IP address.
Example Firewall Rule for FTP
Modern FTP programs and IDEs typically use the passive FTP protocol. To allow both FTP protocols within a single firewall rule, you can enter multiple destination ports separated by commas.
You can also use colon notation to allow the port range 49152:65535, which is required for the passive FTP protocol range.