Ompakim
Contributor
Contributor

Disable HTTP and some other ports on the ESXi Host

Jump to solution

Hi,

I'm working on a project where I need to set up a VMware ESXi host, but the project owner demands that all ports should be closed unless properly accounted for.

In that regard, I've done a port scan and the following ports on my host seem to be open by default:

PORT     STATE  SERVICE

22/tcp   open   ssh

80/tcp   open   http

427/tcp  closed svrloc

443/tcp  open   https

902/tcp  open   iss-realsecure

5988/tcp closed wbem-http

5989/tcp closed wbem-https

8000/tcp open   http-alt

8300/tcp open   tmi

9080/tcp open   glrpc

68/udp   closed dhcpc

161/udp  closed snmp

427/udp  open   svrloc

My question is: Is it possible to disable http (but not https)?

I've found ways to disable web access entirely, but I still want the server to respond on https.

Thanks!

0 Kudos
1 Solution

Accepted Solutions
MartinGustafsso
VMware Employee
VMware Employee

Port 80 (HTTP) is a redirect to port 443 (HTTPS).

Why does this need to be disabled? Usually the firewall will control access.

---------------------------------------------------------------------------------------------------------

Was it helpful? Let us know by completing this short survey here.

View solution in original post

0 Kudos
2 Replies
MartinGustafsso
VMware Employee
VMware Employee

Port 80 (HTTP) is a redirect to port 443 (HTTPS).

Why does this need to be disabled? Usually the firewall will control access.

---------------------------------------------------------------------------------------------------------

Was it helpful? Let us know by completing this short survey here.

View solution in original post

0 Kudos
Ompakim
Contributor
Contributor

The unsafe ports should be inaccessible on the LAN as well, according to project manager.

But I suppose since it's just a redirect, I can inform them that it doesn't really present a security breach, since they've approved the use of https anyhow.

Thanks!

0 Kudos