| Port | Protocol | Service | Description | Expose? |
|---|
A network port is a numbered endpoint that identifies a specific process or service on a computer. When data travels across a network, the port number tells the operating system which application should receive it. Think of an IP address as a street address and the port number as the apartment number.
Port numbers range from 0 to 65,535. They are divided into three ranges: Well-known ports (0 to 1023) are assigned by IANA to standard services like HTTP, SSH, and DNS. Registered ports (1024 to 49151) are used by specific applications like MySQL, PostgreSQL, and Redis. Dynamic ports (49152 to 65535) are assigned temporarily by the OS for client-side connections.
TCP (Transmission Control Protocol) guarantees delivery. It establishes a connection, confirms receipt of every packet, and retransmits anything lost. This makes it the right choice for web traffic (HTTP/HTTPS), email (SMTP), file transfers (FTP), and database connections where every byte counts.
UDP (User Datagram Protocol) prioritizes speed over reliability. Packets are sent without confirmation, which means lower latency but no guarantee of delivery. This is ideal for DNS lookups, video streaming, online gaming, VoIP calls, and any situation where a dropped packet is less harmful than a delayed one.
22 (SSH): Secure remote access to servers. If you deploy to any Linux server, you use this port. Keep it protected with key-based auth and fail2ban.
80 and 443 (HTTP and HTTPS): The backbone of the web. Port 80 handles unencrypted traffic, while 443 handles TLS-encrypted connections. Modern best practice is to redirect all port 80 traffic to 443.
3000, 5173, 8080 (Dev servers): These are the defaults for Node.js, Vite, and various proxy servers. Knowing these saves time when debugging "port already in use" errors during local development.
3306, 5432, 6379, 27017 (Databases): MySQL, PostgreSQL, Redis, and MongoDB respectively. These should never be exposed to the public internet. Always bind them to localhost or use a firewall.
The "Expose?" column in the table above reflects real-world security guidance. Ports marked "No" should never be accessible from the public internet without strong justification. Database ports are the most common offender: exposed MongoDB and Redis instances have led to massive data breaches because they often lack authentication by default.
Use a firewall (like ufw on Ubuntu or security groups on AWS) to restrict access to only the ports your application needs. Run netstat -tlnp or ss -tlnp on your server periodically to see what is actually listening.
If a service will not start because the port is already in use, find the process with lsof -i :PORT on macOS/Linux or netstat -ano | findstr :PORT on Windows. You can also test if a remote port is reachable with telnet hostname port or nc -zv hostname port.
For more networking and security tools, try the Password Generator for securing services, the Hash Generator for checksums, or the Chmod Calculator for setting file permissions on your server. For a broader look at free APIs you can build on, check out 30+ Free APIs for Developers in 2026.
This is a static reference page. Everything runs in your browser. No data is sent anywhere.