Ports and Services
Web Server Ports
According to your choice of operating system and installation method, your web server on which Zend Server is installed, will be listening on a different port.
- DEB or RPM packages:
Zend Server will be installed on the distribution supplied web server which listens to port 80 by default. This can be set to another port by editing your Apache/nginx configuration.
Firewall Settings
The following document describes the minimal set of ports that must be opened in your firewall in order for the different Zend Server components to function.
If you are not using one of the Zend Server components listed below, you are not required to open any of its related ports.
Note:
Most ports can be configured. Each component’s relevant documentation includes configuration details.
Zend Server User Interface (Web GUI)
Function |
Port / Protocol |
Comments |
Web GUI Access |
TCP/10081 (HTTP) from client browser to Zend Server |
Should be open for administrative access, and between Zend Server cluster members. May be blocked if HTTPS (10082) is always used. |
Web GUI Access |
TCP/10082 (HTTPS) from client browser to Zend Server and between Zend Server cluster members |
Linux and Windows (Apache) only. Should be open for administrative access, and between Zend Server cluster members. May be blocked if HTTPS is never used. |
Local Web Server Control for Zend Server GUI |
TCP/10083 (HTTP) on localhost on Zend Server |
Must be open for localhost access only |
Updates periodical check for the GUI |
TCP/80 (HTTP) from Zend Server to updates.zend.com |
If closed, no updates will be listed in the Administration tab. This does not affect the Linux package managers’ ability to fetch updates. |
Update Notification Email Subscription |
TCP/80 (HTTP) from Zend Server to now.eloqua.com |
Optional, one time only. Not required for normal operation. |
Monitoring and Code Tracing
Function |
Port / Protocol |
Comments |
Event Reporting - Clustered environment |
TCP/3306 (MySQL) from cluster members to DB Server |
DB Server may be on any machine running Zend Server, or may be on a dedicated machine, depending on your configuration. Only required when running in Cluster. |
Event Viewing – Clustered environment |
TCP/3306 (MySQL) from Zend Server cluster members to DB Server |
DB Server may be on any machine running Zend Server, or may be on a dedicated machine, depending on your configuration. Only required when running in Cluster. |
Debugging and Profiling
Function |
Port / Protocol |
Comments |
Debugging / Profiling in open LAN |
TCP/10137 (Proprietary Debugger Protocol) from Zend Server (the debugging server) to Zend Studio (client machine) |
Zend Studio must be able to accept incoming connections from server. Will work when server and client are in the same LAN. If machines are separated by NAT routers or Firewalls, usage of tunneling or SSH port forwarding is required. |
Tunneling |
TCP/80 (HTTP, persistent connection) from Zend Studio to Zend Server. |
Linux only. Required to bypass NAT routers or Firewalls between Zend Studio and Zend Server. Connection starts as HTTP but is kept alive after HTTP request ends, and will be used to tunnel debugging traffic. |
Event Debugging and Profiling |
HTTP/S on application port (usually TCP/80) from Zend Server to application server or alternate debugging server |
The Zend Server GUI will attempt to reproduce the original triggering HTTP request when debugging an event. For this reason, in order to debug or profile an event, the GUI must be able to send HTTP/S requests to the same host name / port on which the application runs, or to an alternate debugging server if one is configured. |
Studio Settings Auto-Detection |
TCP/20080 (HTTP) on localhost on the client’s machine |
No interaction with the server is required - sent using AJAX to http://localhost:20080 by the user’s browser, in order to check Zend Studio configuration before debugging events. Not used if Studio Settings auto-detection is turned off. |
Zend Java Bridge
Function |
Port / Protocol |
Comments |
Java Bridge |
TCP/10001 from the Java Bridge extension to the Java Bridge server |
Job Queue
Function |
Port / Protocol |
Comments |
Job Queuing |
TCP/10085 (Proprietary JQ protocol) from Zend Server to Job Queue Daemon on local windows machine only |
On Linux, Zend Server is configured by default to use UNIX Domain Sockets instead of TCP. Opening port is only required in cluster or when queuing to a remote machine. |
Job Execution |
TCP/80 (HTTP) or any other port, depending on Job URL, from Job Queue Daemon to executing server |
Application Dependant: target host and port depend on Job URL, which may change per job. |
Session Clustering
Function |
Port / Protocol |
Comments |
Session Data Exchange – PHP to Session Clustering Daemon |
TCP/10062 on localhost on each Zend Server instance Windows only. |
In Linux, UNIX Domain Sockets are used by default. |
Session Data Exchange – Cluster Members |
TCP/10060 between Zend Server instances |
May be initiated between any pair of Session Clustering Daemons. Kept open until connection times out. |
Graceful Shutdown |
TCP/10063 between Zend Server instances |
Initiated during graceful shutdown / startup between the terminated server and replacement servers. |
Session Clustering Discovery and Status Checks |
UDP/10070 between Zend Server instances |
UDP Broadcast or Unicast (depending on configuration) between all cluster members.
|
Function |
Port / Protocol |
Comments |
Email notifications from the Audit Trail, Notification Center and Zend Monitor |
TCP/ port (SMTP) depends on configured mail service:
From Zend Server to configured mail server |
Optional, depends on mail settings and feature-specific configurations. |