frame
Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Sign In RegisterHowdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
Categories
- 1.3K All Categories
- 7.3K General
- 6.2K General Discussions
- 410 Feature Request/Bug Report
- 544 Sales Questions and Answers
- 54 Time4VPS Life
- 239 Help requests
- 241 Server management
- 348 Tutorials
- 61 Various Tutorials
- 49 Web hosting control panels
- 130 Performance and Security
- 28 Web Applications
- 57 Linux Applications
- 23 Windows VPS
Port management on VPS (Ubuntu, AlmaLinux, Debian, Rocky Linux)
Ievaz
Administrator
Managing a VPS? You definitely need to know which network ports are open or blocked to keep things working well and secure. This tutorial walks you through the steps to check the status of ports on VPS setups like Ubuntu, AlmaLinux, Debian, and Rocky Linux.
1. netstat
You might need to install net-tools package if it is not installed:
sudo apt install net-tools # Ubuntu/Debian
sudo yum install net-tools # AlmaLinux/Rocky Linux
Then you can run netstat to check the listening ports:
sudo netstat -tulnp | grep LISTEN
-t → Show TCP ports
-u → Show UDP ports
-l → Show listening ports
-n → Show numerical addresses instead of resolving names
-p → Show the process using the port
Example output:
Externally accessible:
SSH (Port 22) is open on IPv6, which means remote users can connect via IPv6.
Locally accessible only:
DNS resolver on Ports 53 (127.0.0.53:53 and 127.0.0.54:53) is only accessible within the server and not externally.
To check if SSH is listening on IPv4 as well, you can run the following commands:
ss -tulnp | grep ssh
This will list all TCP and UDP listening ports and filter for ssh. If you see 0.0.0.0:22, it means SSH is open on IPv4 as well.
netstat -tulnp | grep ssh
If SSH is listening on IPv4, you should see 0.0.0.0:22 (meaning it's open to all IPv4 addresses).
2. ss
The ss command is a faster and more modern alternative to netstat.
sudo ss -tulnp
This provides similar output to netstat but with better performance.
3. nmap
nmap is a powerful network scanner used to detect open and closed ports.
Install nmap:
sudo apt install nmap # Ubuntu/Debian
sudo yum install nmap # AlmaLinux/Rocky Linux
You can use this command to scan the open ports on Localhost:
sudo nmap -p- localhost
-p- → Scan all 65535 ports
4. Checking firewall rules (UFW and Firewalld)
For Ubuntu/Debian (Using UFW):
sudo ufw status
For AlmaLinux/Rocky Linux (Using Firewalld):
sudo firewall-cmd --list-all
5. Checking Port-Specific Status
Using nc (Netcat) to Test If a Port is Open:
nc -zv localhost 80
-z → Scan without sending data
-v → Verbose output
Conclusion
By using tools like netstat, ss, nmap, ufw, and firewalld, you can effectively check which ports are open and blocked on your VPS. This helps in troubleshooting connectivity issues and enhancing security by ensuring that only necessary ports are accessible.
foot
Feel free to join our constantly expanding community, participate in discussions, strengthen your knowledge on Linux and Windows server management!
© 2013 - 2025 Time4VPS. All rights reserved.