Open ports monitoring

Coming soon: Open ports monitoring is currently in development and will be available shortly.

Our open ports monitoring helps you track port availability on your servers. You can monitor both ports that should be open (for availability) and ports that should be closed (for security).

Check frequency #

These checks run every hour by default on each of your monitors. You can customize the frequency in your monitor's settings if you need more or less frequent checks.

Two types of port monitoring #

Ports that should be open

For availability monitoring, you can specify which ports should always be accessible. Common examples include:

• Port 80 (HTTP) - Your web server
• Port 443 (HTTPS) - Your secure web server
• Port 22 (SSH) - Remote access to your server

If any of these ports become unreachable, you'll receive a notification so you can investigate. This could indicate a firewall misconfiguration, a crashed service, or a network issue.

Ports that should be closed

For security monitoring, you can specify which ports should never be publicly accessible. This is useful for catching accidental exposure of sensitive services. Common examples include:

• Port 3306 (MySQL) - Your database server
• Port 5432 (PostgreSQL) - Your database server
• Port 6379 (Redis) - Your cache server
• Port 27017 (MongoDB) - Your database server
• Port 11211 (Memcached) - Your cache server
• Port 9200 (Elasticsearch) - Your search server
• Port 3389 (RDP) - Remote desktop access
• Port 23 (Telnet) - Insecure remote access

If any of these ports become accessible from the internet, you'll receive an alert. This is a critical security notification that warrants immediate investigation.

How we perform port scanning #

We use TCP connection attempts to determine if a port is open, closed, or filtered. The scan is performed from our monitoring infrastructure, simulating what an external attacker or legitimate user would experience when trying to connect to your server.

For each port, we determine one of three states:

• Open - A connection could be established. The service is accepting connections.
• Closed - The connection was refused. No service is listening on this port.
• Filtered - The connection timed out. A firewall is likely blocking traffic.

Configuring port monitoring #

To enable port monitoring on your site:

1. Go to your monitor's settings page
2. Find the "Open ports" section
3. Add the ports you expect to be open
4. Add the ports you expect to be closed
5. Save your settings

You can add any port number between 1 and 65535.

Understanding the results #

When we detect an issue, you'll see it in your monitor's dashboard along with details about:

• Which port changed state
• What the expected state was (open or closed)
• The current detected state
• When the change was detected

Historical data is kept so you can track when ports change state over time.

Common use cases #

Web server monitoring

Monitor ports 80 and 443 to ensure your web server is accessible.

Database security

Monitor your database ports (3306, 5432, 27017, etc.) to ensure they're not accidentally exposed to the internet. Databases should typically only be accessible from your application servers, not from the public internet.

Service availability

If you run services on non-standard ports (like an API on port 8080), add those to your expected-open list to monitor their availability.

Security auditing

Regularly check that sensitive ports remain closed. Even if you trust your firewall configuration, it's good to verify from an external perspective.

Notifications #

You'll receive notifications when:

1. An expected-open port becomes closed - A service you expect to be running has become unreachable
2. An expected-closed port becomes open - A service that should be internal is now publicly accessible (security alert)
3. Issues are fixed - When all ports return to their expected states

Security-related notifications (expected-closed ports becoming open) should be treated as high priority and investigated immediately.