Are you running a cPanel Cloud server?
Need to lock down your firewall but not sure what ports to allow exceptions for?

Well here is a quick snappy list to help you out.
Just add exceptions for the ports you need and set your default rule to Drop everything else.

Note: If you changed the port for SSH, be sure to include that port and remove port 22.

—–

21 FTP (TCP)
22 SSH (TCP)
25 SMTP (TCP)
53 DNS – Domain Name Server (TCP)
80 HTTP (TCP)
110 POP3 (TCP)
143 IMAP (TCP)
443 HTTPS (TCP)
465 sSMTP (TCP)
953 ??BIND??
993 IMAP4 protocol over TLS/SSL (TCP)
995 POP3 protocol over TLS/SSL (was spop3) (TCP)
2082 CPANEL (http://sitename.com:2082) (TCP)
2083 CPANEL SSL (https://sitename.com:2083) (TCP)
2084 entropychat server (disable from CPANEL service manager if not used) (TCP)
2086 WHM (http://sitename.com:2086) (TCP)
2087 WHM SSL (https://sitename.com:2087) (TCP)
2095 WebMail (http://sitename.com:2095) (TCP)
2096 WebMail SSL (https://sitename.com:2096)
3306 mySQL remote access (TCP)
6666 Melange chat Server (disable from CPANEL service manager if not used) (TCP)
7786 Interchange (TCP)
3000_3500
—–
5100 for ASP,
8080 and 8443 for JSP if you use them.