Hello Everyone
My VPS is on Debian 12 with Hestiacp 1.9.3
I need to open ports 8081 and 8082 because I need them for my Python and Node.js project.
How to do it? Thanks in advance
2 ways.
One via CLI: CLI Reference | Hestia Control Panel
Example: v-add-firewall-chain CRM 5678 TCP
Second via the UI: Settings > Firewall > Add Rule > add the port as needed.
Not working, still time-out.
Does it have to do with the iptables config?
Ohh. I forgot, need to reload/restart iptables and firewall. My bad.
You don’t need to add a chain, just add the right rule to open those ports:
v-add-firewall-rule ACCEPT '0.0.0.0/0' '8081,8082' TCP pynode
If that doesn’t work, show the output of these commands:
v-list-firewall
iptables -S
Sorry my bad. @pakdhetimin apologies for the confusion I caused.
However, you can add them via the UI as I mentioned and just reload the firewall and you are done.
RULE ACTION PROTO PORT IP SPND DATE
---- ------ ----- ---- -- ---- ----
1 ACCEPT ICMP 0 0.0.0.0/0 no 2014-09-16
2 ACCEPT TCP 8083 0.0.0.0/0 no 2014-05-25
3 ACCEPT TCP 143,993 0.0.0.0/0 no 2014-05-25
4 ACCEPT TCP 110,995 0.0.0.0/0 no 2014-05-25
5 ACCEPT TCP 25,465,587 0.0.0.0/0 no 2018-11-07
6 ACCEPT TCP 53 0.0.0.0/0 no 2014-05-25
7 ACCEPT UDP 53 0.0.0.0/0 no 2014-05-25
8 ACCEPT TCP 21,12000-12100 0.0.0.0/0 no 2014-05-25
9 ACCEPT TCP 80,443 0.0.0.0/0 no 2014-09-24
10 ACCEPT TCP 22 0.0.0.0/0 no 2014-09-16
11 ACCEPT TCP 3306,5432 0.0.0.0/0 no 2025-06-08
12 ACCEPT TCP 8081,8082 0.0.0.0/0 no 2025-06-09
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N fail2ban-FTP
-N fail2ban-HESTIA
-N fail2ban-MAIL
-N fail2ban-RECIDIVE
-N fail2ban-SSH
-N fail2ban-WEB
-N hestia
-A INPUT -p tcp -m multiport --dports 25,465,587,110,995,143,993 -j fail2ban-MAIL
-A INPUT -p tcp -m tcp --dport 21 -j fail2ban-FTP
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban-SSH
-A INPUT -p tcp -m multiport --dports 80,443 -j fail2ban-WEB
-A INPUT -p tcp -m tcp --dport 8083 -j fail2ban-HESTIA
-A INPUT -p tcp -m multiport --dports 1:65535 -j fail2ban-RECIDIVE
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 172.16.32.75/32 -j ACCEPT
-A INPUT -s 127.0.0.1/32 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 8081,8082 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 3306,5432 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 21,12000:12100 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 25,465,587 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 110,995 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 143,993 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8083 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A fail2ban-FTP -j RETURN
-A fail2ban-HESTIA -j RETURN
-A fail2ban-MAIL -j RETURN
-A fail2ban-RECIDIVE -s 91.205.219.185/32 -j REJECT --reject-with icmp-port-unreachable
-A fail2ban-RECIDIVE -s 80.93.199.153/32 -j REJECT --reject-with icmp-port-unreachable
-A fail2ban-RECIDIVE -s 61.222.211.114/32 -j REJECT --reject-with icmp-port-unreachable
-A fail2ban-RECIDIVE -s 222.107.251.147/32 -j REJECT --reject-with icmp-port-unreachable
-A fail2ban-RECIDIVE -s 216.55.137.59/32 -j REJECT --reject-with icmp-port-unreachable
-A fail2ban-RECIDIVE -s 188.83.71.207/32 -j REJECT --reject-with icmp-port-unreachable
-A fail2ban-RECIDIVE -s 172.208.24.217/32 -j REJECT --reject-with icmp-port-unreachable
-A fail2ban-RECIDIVE -s 152.32.145.111/32 -j REJECT --reject-with icmp-port-unreachable
-A fail2ban-RECIDIVE -s 139.59.24.220/32 -j REJECT --reject-with icmp-port-unreachable
-A fail2ban-RECIDIVE -j RETURN
-A fail2ban-SSH -j RETURN
-A fail2ban-WEB -j RETURN
Here is the output, and 8081 and 8082 still time out when I check with the DNSchecker.org open port check.
Probably another firewall in front of it?
I am using Alibaba Cloud ECS and have already added rules in the security group to include ports 8081 and 8082 in allowed traffic.
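The posted iptables -S output can be checked mechanically. This added example (not part of the thread; the function names are hypothetical) walks the INPUT chain in order for a new inbound connection, follows jumps into the fail2ban chains, and reports which rule decides. It handles only the match types that appear in that output (-p, -s, --dport/--dports, --state).

```python
import ipaddress

# Constructed sample: trimmed from the iptables -S output above; the ban entry is a documentation IP.
RULES = """\
-P INPUT DROP
-N fail2ban-RECIDIVE
-A INPUT -p tcp -m multiport --dports 1:65535 -j fail2ban-RECIDIVE
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 127.0.0.1/32 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 8081,8082 -j ACCEPT
-A fail2ban-RECIDIVE -s 203.0.113.7/32 -j REJECT --reject-with icmp-port-unreachable
-A fail2ban-RECIDIVE -j RETURN
"""

def opt(tokens, *names):  # value following the first of `names` present, else None
    return next((tokens[tokens.index(n) + 1] for n in names if n in tokens), None)

def port_in(spec, port):  # spec looks like '8081,8082' or '12000:12100'
    ranges = (part.partition(":") for part in spec.split(","))
    return any(int(lo) <= port <= int(hi or lo) for lo, _, hi in ranges)

def verdict(rules_text, src, port, proto="tcp", chain="INPUT"):
    """(verdict, deciding rule) for a NEW inbound packet from src to port."""
    policy, chains = {}, {}
    for line in rules_text.splitlines():
        t = line.split()
        if t[:1] == ["-P"]:
            policy[t[1]] = t[2]
        elif t[:1] == ["-A"]:
            chains.setdefault(t[1], []).append((line, t))

    def walk(name):
        for line, t in chains.get(name, []):
            p, s, d = opt(t, "-p"), opt(t, "-s"), opt(t, "--dport", "--dports")
            state = opt(t, "--state")
            if (state and "NEW" not in state.split(",")) or (p and p != proto):
                continue  # conntrack-only rule, or a different protocol
            if s and ipaddress.ip_address(src) not in ipaddress.ip_network(s, strict=False):
                continue
            if d and not port_in(d, port):
                continue
            target = opt(t, "-j")
            if target in ("ACCEPT", "DROP", "REJECT"):
                return target, line
            hit = None if target == "RETURN" else walk(target)
            if hit or target == "RETURN":
                return hit  # verdict from a sub-chain, or RETURN to the caller
        return None
    return walk(chain) or (policy.get(chain, "ACCEPT"), f"-P {chain} (chain policy)")
```

An ACCEPT verdict for 8081 means the filter rules shown are not what drops the connection, which leaves the listener itself or a filter in front of the server, as the replies suggest.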
curl http://127.0.0.1:8081
Is it working?
telnet YOUR_SERVER_IP 8081
# or
nc -zv YOUR_SERVER_IP 8081
sudo tcpdump -n port 8081
Then try to access the port again from another machine.
If you see nothing, the request never even reaches the server → likely a firewall or NAT/router issue.
If you see packets, but the service doesn’t respond → likely an application issue or local firewall.
I prefer to proxy them using nginx; that way it is easier (and, I guess, more secure) to handle SSL certificates. This is done by creating a custom nginx template and assigning it in the control panel.