Default Port Restrictions on Linux VPS

At Illevante Cloud, we prioritize the security, stability, and integrity of our network and clients. To prevent abuse, protect your data, and ensure fair resource usage, certain network ports are restricted by default on all Linux-based virtual machines (VPS) hosted on our platform.
This article outlines the incoming and outgoing ports that are blocked and explains why these restrictions are in place.

Why Are Ports Restricted?

Many ports are commonly targeted for:
  • Spam delivery (SMTP abuse)
  • DDoS amplification
  • Botnet command-and-control channels
  • Exploitation of vulnerabilities in outdated or misconfigured services
Restricting access to these ports by default:
  • Prevents malicious activity
  • Reduces the risk of server compromise
  • Ensures better performance across the node

Restricted Incoming Ports

These ports are blocked inbound by default unless you explicitly request access and apply proper security controls.
| Port(s) | Protocol | Description |
|---|---|---|
| 23 | TCP | Telnet – insecure remote shell |
| 69 | UDP | TFTP – trivial file transfer, easily abused |
| 5060 | UDP/TCP | SIP – VoIP protocol targeted by scanners |
| 520 | UDP | RIP – legacy routing protocol |
| 6660–6669 | TCP | IRC – used in botnet and C2 activity |
| 11211 | TCP/UDP | Memcached – vulnerable to DDoS amplification |
| 161–162 | UDP | SNMP – reflection/amplification vector |
| 1900 | UDP | SSDP – often used in UPnP exploits |
| 3306 | TCP | MySQL – exposed databases are at risk |
| 5432 | TCP | PostgreSQL – restrict to private access only |
| 8080, 8443 | TCP | Alternative web ports – often attacked |
| 10000 | TCP | Webmin – remote admin interface |

If you need one of these ports opened, contact our support team. We recommend strict firewall rules and authentication before exposing any administrative or sensitive service.
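
As an added example (not Illevante Cloud's own tooling), the shell function below reads ss -H -tuln output and reports listeners on the restricted inbound ports from the table above that are bound to a non-loopback address, which is worth reviewing before asking for a port to be opened. The names audit_listeners, RESTRICTED and SAMPLE, and the sample socket lines, are constructed for illustration.

```shell
# Restricted inbound ports from the table above, as proto:low-high entries.
RESTRICTED="tcp:23-23 udp:69-69 tcp:5060-5060 udp:5060-5060 udp:520-520"
RESTRICTED="$RESTRICTED tcp:6660-6669 tcp:11211-11211 udp:11211-11211"
RESTRICTED="$RESTRICTED udp:161-162 udp:1900-1900 tcp:3306-3306 tcp:5432-5432"
RESTRICTED="$RESTRICTED tcp:8080-8080 tcp:8443-8443 tcp:10000-10000"

# Reads lines in the format of `ss -H -tuln` on stdin and prints
# "proto address port" for every listener on a restricted port that is
# not bound to loopback only.
audit_listeners() {
  awk -v rules="$RESTRICTED" '
    BEGIN {
      n = split(rules, r, " ")
      for (i = 1; i <= n; i++) {
        split(r[i], p, /[-:]/)
        proto[i] = p[1]; lo[i] = p[2] + 0; hi[i] = p[3] + 0
      }
    }
    {
      netid = $1; sock = $5
      # Split address and port at the last colon (IPv6 addresses contain colons).
      idx = match(sock, /:[0-9]+$/)
      if (!idx) next
      addr = substr(sock, 1, idx - 1); port = substr(sock, idx + 1) + 0
      # Loopback-only listeners are not reachable from the network.
      if (addr ~ /^127\./ || addr == "[::1]") next
      for (i = 1; i <= n; i++)
        if (netid == proto[i] && port >= lo[i] && port <= hi[i]) {
          print netid, addr, port
          break
        }
    }'
}

# Constructed sample input in `ss -H -tuln` format (not from a real host).
SAMPLE='tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 80 127.0.0.1:3306 0.0.0.0:*
tcp LISTEN 0 244 0.0.0.0:5432 0.0.0.0:*
udp UNCONN 0 0 [::]:161 [::]:*
tcp LISTEN 0 511 *:8080 *:*
tcp LISTEN 0 128 [::1]:11211 [::]:*
tcp LISTEN 0 128 0.0.0.0:6665 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:23 0.0.0.0:*'

# On a live VPS, run instead: ss -H -tuln | audit_listeners
printf '%s\n' "$SAMPLE" | audit_listeners
```

A service that shows up here, such as PostgreSQL on 0.0.0.0, can usually be rebound to 127.0.0.1 or a private interface instead of requesting that the port be opened.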

Restricted Outgoing Ports

These ports are blocked outbound to prevent abuse from within VMs, particularly for email spam or reflection attacks.
| Port(s) | Protocol | Description |
|---|---|---|
| 25 | TCP | SMTP – blocked to prevent spam |
| 465, 587 | TCP | Encrypted SMTP – restricted, use mail relay |
| 69 | UDP | TFTP – outbound file transfers blocked |
| 123 | UDP | NTP – limits DDoS amplification attacks |
| 1900 | UDP | SSDP – blocks outbound UPnP abuse |
| 11211 | TCP/UDP | Memcached – outbound DDoS prevention |
| 6660–6669 | TCP | IRC – blocks botnet communication |
| 17 | UDP | QOTD – used in some DDoS attack methods |

What Ports Are Open?

By default, the following ports are open and commonly used for normal operation:
| Port | Service | Use Case |
|---|---|---|
| 22 | SSH | Secure remote login |
| 80 | HTTP | Websites and apps |
| 443 | HTTPS | Secure websites and APIs |
| 53 | DNS | Outbound name resolution |

You can also open additional ports through your firewall (e.g. ufw, firewalld, iptables) or request assistance from our support team.

Best Practices

  • Use a firewall: Configure ufw, iptables, or firewalld to control open ports.
  • Enable key-based SSH login: Avoid password authentication for better security.
  • Use secure mail relays: To send email from your VPS, use Illevante Cloud’s outbound relay or SMTP relay service, or a third-party SMTP provider such as Mailgun or SendGrid.
  • Expose databases only internally: Use private networking or restrict to trusted IPs.

Need a Specific Port Open?

If your application requires access to a restricted port (e.g. VoIP, outbound SMTP), please contact support with the following details:
  • Purpose of the port
  • Security measures in place (e.g., firewall, authentication)
  • Destination or source IPs (if applicable)
We'll review your request and enable access if it complies with our security and abuse policies.