Port Checker

Test whether a TCP port is open or closed on any server or IP address. Results are checked from our network, not your local machine.

Quick Select Common Ports

What is Port Checking?

Port checking (also called port scanning) tests whether a specific TCP port on a remote server is accepting connections. Every networked service — web servers, mail servers, databases, SSH — listens on a specific port number. A port check tells you whether that service is reachable from the internet or whether a firewall is blocking access.

Port Status Explained

  • Open — The port is accepting connections. A service is actively listening, and the firewall (if any) is allowing traffic through. This is the expected state for public-facing services.
  • Closed — The port is reachable (not firewalled), but no service is currently listening on it. The host responds with a TCP RST (reset) packet.
  • Filtered — A firewall, router, or access control list is blocking traffic to the port. The host doesn't respond at all — requests are silently dropped. This is common for security-hardened servers.

Common Port Numbers and Their Services

  • Port 80 (HTTP) — Standard unencrypted web traffic. Most web servers listen here, though modern sites redirect to port 443.
  • Port 443 (HTTPS) — Encrypted web traffic using TLS/SSL. The default port for all modern websites.
  • Port 22 (SSH) — Secure Shell for encrypted command-line access to servers. Essential for server administration.
  • Port 21 (FTP) — File Transfer Protocol control channel. Legacy file transfer — generally replaced by SFTP (SSH file transfer) or FTPS.
  • Port 25 (SMTP) — Simple Mail Transfer Protocol for server-to-server email delivery. Should only be open on mail servers.
  • Port 587 (SMTP Submission) — The standard port for authenticated email submission from mail clients. Should require STARTTLS.
  • Port 3306 (MySQL) — MySQL database server. Should never be open to the internet — only accessible within a private network.
  • Port 5432 (PostgreSQL) — PostgreSQL database server. Same as MySQL — keep this firewalled from the public internet.
  • Port 3389 (RDP) — Windows Remote Desktop Protocol. A common attack target — if open, it should be protected with strong authentication and ideally restricted by IP.
  • Port 8080 (HTTP Alternative) — Commonly used for development web servers, proxies, or alternative HTTP services.

Firewall Concepts

A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on rules. For any server connected to the internet, a firewall is essential. Best practice is to follow the principle of least privilege — only expose the ports that are strictly necessary for your service, and block everything else. This dramatically reduces your attack surface.

Cloud providers like AWS, GCP, and Azure provide security groups or firewall rules that control which ports are accessible. On a VPS or dedicated server, tools like ufw (Uncomplicated Firewall) on Ubuntu or firewalld on Red Hat/CentOS make it straightforward to manage port access.

How This Tool Works

This port checker uses HackerTarget's nmap API to perform the port scan from their network infrastructure. The results reflect whether the port is accessible from an external network perspective — the same view that anyone on the internet would have. This is different from checking locally, where you might be on the same network as the server (bypassing external firewalls).

Security Note

This tool is intended for legitimate network diagnostics and security auditing of servers you own or have permission to test. Port scanning without authorization may violate terms of service and potentially local laws.