What ports should be open on a Ubuntu LAMP server?

February 14, 2014 5.3k views
If we're running Ubuntu Server with LAMP and Mail installed (that's all), what ports should be open for things to run smoothly. I know :80 is for Apache/HTTP, and one for MySql and SSH. What others should be kept open for the site and mail to work? We plan on keeping all others closed as most places will tell you. If there are others open is it something to be concerned? Also, what's the best way to find/list what ports are open and close them?
4 Answers
You should close MySQL.

Keep SSH (22), HTTP (80), Mail (if using the server for SMTP) (25), and SSL (443) open.
To find the list of open ports, install nmap, then run "nmap localhost".

You can also try:
netstat -ntulp

It's a little dated but this is a solid, easy to follow guide to securing Ubuntu Server: http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lts-server-part-1-basics
Have another answer? Share your knowledge.