Subsonic Forum

[MuadDib_II]

Hi all,

After using Subsonic for a while, I decided to try the https protocol in the Subsonic Control Panel. Everything works fine, but I've got one little question:

When I have the https protocol enabled and I do the Shield's Up test to see my ports status, I got the port used in the https configuration open. When I disable the https port forward, the same port appears to be closed. I would like to know what are the consequences of this, thats it, it's safer to use the https with an open port or don't use it to have the closed port. All my other ports give me a stealth result.

Thanks in advance for all your replies,
Marc

[ytechie]

Whichever port you use will have to remain open to the public. Generally HTTPS uses port 443, which is scanned by many 'quick' port scanners. These port scanners may not discover other obscure ports, because scanning for every port is generally not necessary when setting up a website. However, if someone wants to scan your IP address for open ports and they use a more powerful and featured tool such as Nmap, they will most likely discover even those obscure ports which the 'quick' scanners overlooked.

Whether you use HTTP or HTTPS, use port 80, 443 or 6789, a port will remain open to the public. This is not very risky assuming the port is directed towards your server which is secured. HTTPS is more secure than HTTP because it encrypts the data that travels over the internet, protecting your passwords and browsing habits from being seen. Even if you have port 443 open, there is not much that a hacker can do with that information alone. You should be fine.

If you have any questions, feel free to ask!

Hope this helps,
Yosef (ytechie),
CCNA

[MuadDib_II]

Thanks for your reply ytechie,

I don't know a lot of this ports thing, so it came a small doubt if it was ok or not have the port open...
One last question, can I change to an other port, like 55231 for example? Does this changes something in terms of security?

Thanks again,
Marc

[BKKKPewsey]

You can use any unused port in SS - however it makes very little difference (if any) to security as an aggressive port scan will still detect it.

[MuadDib_II]

Thanks for your answer BKKKPewsey. I'll see what I'll do now...

[ytechie]

Also, I sometimes am blocked from using certain obscure ports by certain browsers. If I remember correctly, I was unable to use port 666 at one point, and there is a thread somewhere on this forum of someone with a similar issue. If your browser blocks certain ports, just realize that that is not unusual.