Opening CSF ports to work with a dynamic ip

Portal Home > Knowledgebase > Articles Database > Opening CSF ports to work with a dynamic ip

Posted by bambinou, 09-02-2015, 10:17 AM
Hello, I have a quick question please. On my server, if I type: http://mysite.com:80/file/test.txt I can access the file. But if I go in the WHM panel and set the CSF TCP and UDP port to 8600, save and restart the CSF. I cannot manage to go here: http://mysite.com:8600/file/test.txt Any idea why please? I thought we could simply open a port in the CSF and have it open all the time. Thank you, Ben
Posted by my247webhosting, 09-04-2015, 09:04 AM
Unless you have some services on port running you just cannot access ports Like 80 has service apache if you have some other TCP service the port you are trying to access you can access it
Posted by bambinou, 09-04-2015, 09:23 AM
I see...... I got it, no it makes sense..... What I would like to know as I am still new to coding, by service, do you mean a little program that runs from the Linux operating system or can it be a simple php script? If it is a PHP script, how can I tell the server to open such ports when for example my printer sends a ping to the server? I have always built simple forms with validations and CRUDs but it would be interesting to know how to actually open a port using PHP...... So the printer pings the php file>>inside the php file there is a clever little port opening script>>the port opens>>the printer communicate. Now the most important, which type of ports should be open TCP or UDP? As I am not not sure what is the difference between both. I checked online but it still does not make much sense to me apart that they are just 2 different communication protocols. Thank you, Ben Last edited by bambinou; 09-04-2015 at 09:27 AM.
Posted by Srv24x7, 09-04-2015, 09:52 AM
Hi, You should hire a system admin who can do this for you rather because there are lot of technicalities involved in trying to explain how the web works. Webserver basically listens on port 80 for http and 443 for https requests and this is standards defaults. However, you can change your server configuration and change those port as you wish, but that will not be world recognizable. For example, you decide to move your webserver to port 8600. By default, web traffic coming to your server will only go to 80 or 443 and not go to 8600 unless you have routers who direct them. What you have done is only configured the firewall to make port usable for the any service. For anything to work like http://mysite.com:8600/file/test.txt, you must have a web browser listen to that certain port.
Posted by bambinou, 09-04-2015, 10:46 AM
Thank you for the explanations. Yes I knew about those 2 ports, 80 is for http but 443 is more for https. I have on my decided server whm installed with CSF, What I did is open the port 8600 tcp for incoming and outgoing connections in the CSF. From the research I have done, It looks like I can open a port by using this type of script on the server side: http://php.net/manual/en/function.fsockopen.php Here is I think what I need: http://www.funphp.com/?p=33
Posted by brianoz, 09-05-2015, 01:34 AM
Yes, but the question is, why would you want to open a random port? What is the benefit you are looking for? Generally speaking, opening a random port is a bad idea.
Posted by bambinou, 09-05-2015, 03:43 AM
Hello, I have this printer 2G, in the setup of the printer 2 ports are required, one to send the initial pinging and download the order that will be on a txt file and the other port for the call back. They are not giving you a specific port and they say that you can choose any. I could set both port to the same number. Based on this, why do you think it is a bad idea to open for example port 8600? All I need to know really is the answer to the below questions as I am only getting fragments of info here and there: 1)If you had to choose a port, which one would you use if it makes a difference? 2)When you decide which port to use and add it to the csf firewall(which I am confident with), which protocol to use, tcp or udp. if any, why? 3)which php script should I use to open a port when the printer communicates with the server. Thank you, Ben
Posted by Srv24x7, 09-07-2015, 10:34 AM
Hi, 1)If you had to choose a port, which one would you use if it makes a difference? --> Any port apart from the standard defined ones (/etc/services) 2)When you decide which port to use and add it to the csf firewall(which I am confident with), which protocol to use, tcp or udp. if any, why? --> TCP as most of the connection is through this. Avoid UDP. 3)which php script should I use to open a port when the printer communicates with the server. --> Just adding the port in the firewall does not open it straight away. Communication to the port can only be opened if any service is listening to it or bind to it. Services communicates with the port for that incoming and outgoing.
Posted by bambinou, 09-07-2015, 11:52 AM
Thank you. The answer 3 is the one that got me stuck. How to run a php script as a service please, any idea? Thank you, Ben
Posted by Arnie21, 09-07-2015, 07:55 PM
What exact software is installed on the server that communicates with the printer? I think that's what you want to ask. If you've already opened up the ports then that software would be able to use the port. If it's not working after opening the ports then double check if the port is really opened using netstat on linux.
Posted by serversolutions24x7, 09-08-2015, 06:05 PM
if the application you are using to communicate with printer is running on the server, you can check the actitve listening ports through netstat which would give you the clear idea exactly which port is to be open
Posted by Vinayak_Sharma, 09-08-2015, 07:57 PM
Ben, you have to understand some basics before moving forward, you have to know what is what and what they do. So, in a simple layman manner, things can be explained like this: CSF:- Firewall, works like a watchman who open/closes doors/windows (ports) and keep watch for trespassers. Apache:- Webserver, works like a receptionist/office assistant (service) who serves you with the material/information that is asked for. PHP:- Scripting language, works like an office clerk who gather the required information from cupboards/files process it, formats it and hand back the information to office assistant to be further handed over to the visitor/client (your browser/printer). In the above scenario: A visitor/client can not enter a building if all doors are closed, say by default front gate is open, but you want a side door to be open too, so you tell the watchman (CSF) to open that door (port). But there is no one to receive the visitor/client at the side door, so either you designate the existing receptionist/office (webserver) to take care of the side door too or you employ another receptionist/office (webserver) to server at the side door (alternate port, in your case 8600). Now the office clerk (PHP) will be able to serve requests coming from both the doors (ports) via office assistant (not directly). Now, in technical terms, if you have a properly configured/optimised/secured cPanel server, you will open the port (8600) in CSF, you will make webserver listen to alternate port (8600) too or deploy abother webserver (apache/nginx/lighttpd, there are many) for that. you will configure PHP to work with the additional webserver too. Answer to "How to achieve this" depends on how you are using this server. Is it for a single or multiple domains/sites? Do you want the webserver to listen on more than one port or you want to change the default port to 8600 and close the default port 80? Do you want to mess with the server configurations yourself, or you want some one to do this for you?
Posted by bambinou, 09-09-2015, 02:47 AM
Hi Vinayak_Sharma, Thank you so much for the in depth explanation. Yes the part I discovered this week is that I have always believed that when you opened a firewall on an computer/server, that port would be automatically opened even if no background services required it. Now I am understanding that the port will only open if required to do so by a "keeper". What I am trying to do is this: I have 2g printers and they work this way: 1 - You pass an order from the website 2 - This order is sent to a .txt file, each printer will have his own generated .txt file. 3 - Every 10 seconds each printers(as we can have as many as we want), ping a specific website directory to check for new orders. On the step 3, the way it works is that the printer is internally set with a username, password, printer ID and communication port. On the website server there is a middle man file just before the txt file download, during each printer pings, the printer will ping this php file, that specific php file will then check for the username, password and printer id, if they match, the txt file will be made available to the printer. 4 - The printer will then download the first 1024 Bytes of data, if the order is longer, the printer will redownload more and more data after each ping request. Here is where I am confused and this is where I would like to get some advice from someone that knows very well this part. Assuming that the server use port 80 for http requests, why can't I set the printers to communicate with the port 80 instead of using another random port? The printer manufacturer is telling me that I can set any ports, in their demo it was the port 8600 but in this specific case why should I set another port than port 80? I just need to understand the benefit of setting a port different from port 80. 5 - When the order is done, the guy in the restaurant receives a message on the printer saying "do you want to accept this order". 6 - If the guy pressed "Yes" a call back is sent to the server communicating with the call_back.php file we have set with GET parameters(printer id,reason for order refusal(if any), time of acceptance). 7 - If the order is accepted the word "Accepted" is found in the GET parameters, the order from the call back is checked against the order in the database, if they match, the order shown as "progressed" on the website. 8 - To remember, in the printer we can set a port for the initial pinging and a different port for the call back. So now you know the whole scenario, what do you think I should do please? I have found this online: http://www.funphp.com/?p=33#comment-62497 Here the guy shows a script that is used to apparently listen on a specific port. But if this is set as a cron job, could I run it every 1 or 2 second for example? Thank you. Ben
Posted by Vinayak_Sharma, 09-09-2015, 05:56 AM
Yes you can run it as a cron job any X seconds. Better run it as a service, example is given in that page itself.
Posted by sleddog, 09-09-2015, 07:26 AM
You may have a public website at http://yourdomain.com, which will be accessed via the default http port (80). If you have a custom web service that you also want to access at yourdomain.com, you can configure that service to use a different port, e.g. 8600, and then access the service at http://yourdomain.com:8600 without affecting the operation of your public website.

Add to Favourites Print this Article