Port Checker

What Is a Port Checker?

A port checkeris a network diagnostic tool that tests whether a specific TCP port on a remote server is open and accepting connections. Every internet service — from websites (port 80/443) to email servers (port 25/587) to databases (port 3306/5432) — communicates through numbered ports. When you need to verify that a service is accessible, diagnose connectivity issues, or audit your server's security posture, a port checker is the first tool to reach for.

Our free online port checker performs a TCP handshake test against any hostname or IP address. If the three-way handshake completes, the port is open. If the connection is refused or times out, the port is closed or filtered. Combined with our port scanner mode, you can test up to 30 ports simultaneously — covering web services, email, databases, remote access, file transfer, and DNS in a single scan. For deeper network path analysis, combine port checking with our ping tool, traceroute, and SMTP test tools.

Free port checker and port scanner tool showing open and closed port results with response times and service detection — DNS Robot Port Checker & Port Scanner — Check open ports with real-time results, response times, and service identification.

How the Port Checker & Port Scanner Works

Our port checkeruses TCP connect scanning — the most reliable method for determining port status. Here's the step-by-step process:

Enter Host

Enter the domain name or IP address of the server you want to test. The tool resolves hostnames via DNS before connecting.

Select Ports

Choose a single port (Port Checker) or select categories like Web, Email, Database (Port Scanner) for up to 30 ports at once.

TCP Connection Test

The tool attempts a full TCP handshake to each port (5-second timeout). On success, it waits up to 2 seconds for a service banner.

Results & Analysis

Results stream in real-time showing port status (open/closed), response time in milliseconds, service name, and any detected banner.

Understanding Port States

When you check port status, the result falls into one of three states. Understanding these states is key to effective network troubleshooting:

Open

A service is actively listening and accepting connections. The TCP handshake completed successfully. This is expected for ports running web servers, mail servers, databases, and other services.

Closed

No service is listening on this port, or the connection was actively refused (TCP RST). The host is reachable but nothing is running on that port. This is normal for unused ports.

Filtered

A firewall, security group, or network device is silently dropping packets — no response at all (timeout). The port may be open behind the filter, but external access is blocked.

Common TCP Ports Reference

TCP ports range from 1 to 65535. Ports 1-1023 are "well-known ports" assigned by IANA to standard services. Here are the most commonly checked ports organized by category:

Web Services

80HTTP — Unencrypted web traffic

443HTTPS — Encrypted web traffic (TLS/SSL)

8080HTTP Alternate — Proxy/dev servers

8443HTTPS Alternate — Secure admin panels

Email Services

25SMTP — Mail relay (server-to-server)

465SMTPS — SMTP over implicit TLS

587Submission — Client mail submission

993IMAPS — IMAP over TLS

995POP3S — POP3 over TLS

Database Services

3306MySQL / MariaDB

5432PostgreSQL

1433Microsoft SQL Server

27017MongoDB

6379Redis

Remote Access & Other

22SSH — Secure shell access

23Telnet — Unencrypted remote access

3389RDP — Remote Desktop Protocol

53DNS — Domain name resolution

21FTP — File Transfer Protocol

Open Port Checker vs Port Scanner

While both involve testing ports, an open port checker and a port scanner serve different purposes:

Tests one port at a time
Quick verification of specific services
Ideal for "Is my web server up?" checks
Detailed single-port analysis

Port Scanner

Tests multiple ports simultaneously
Comprehensive service discovery
Security audits and attack surface mapping
Category-based scanning (Web, Email, etc.)

Our tool combines both — use the Port Checker tab for quick single-port verification, or switch to the Port Scanner tab for multi-port discovery. Both modes provide response times, service names, and banner information when available.

How to Check Specific Ports

The most-checked ports in the world are 443, 80, and 22 — HTTPS, HTTP, and SSH. Each serves a different role, and a closed or filtered result on any of them usually means a very specific problem. Below are targeted walkthroughs for each.

Check Port 443 (HTTPS)

Port 443 is the standard TCP port for HTTPS — encrypted web traffic secured with TLS/SSL. If your website is reachable over https://, port 443 is open on your server. A closed port 443 means visitors can't load your site securely — the browser either fails to connect or shows a security warning. Common causes: firewall blocking, web server not bound to 443, or TLS certificate not provisioned yet. A filtered port 443 (timeout) usually means a cloud security group or upstream firewall is dropping packets silently.

After verifying port 443 is open, validate the TLS certificate itself with our SSL checker— a certificate that's expired or mismatched will still accept TCP connections but fail for real users.

Check Port 443 Now

Check Port 80 (HTTP)

Port 80 is the default for HTTP — unencrypted web traffic. Even on HTTPS-only sites, port 80 should respond, typically with a 301 redirect to HTTPS. A closed port 80 breaks automatic Let's Encrypt certificate renewal via the HTTP-01 challenge, which needs to reach /.well-known/acme-challenge/on port 80. Many residential ISPs silently block inbound port 80 to prevent unauthorized web servers — if you're hosting at home, test from an external network.

If port 80 is open but your site returns an error, inspect the response with our HTTP headers tool to verify the web server is returning correct status codes and redirect chains.

Check Port 80 Now

Check Port 22 (SSH)

Port 22 is the standard port for SSH — secure remote shell access. An open port 22 means an SSH server is listening; closed usually means SSH is disabled, bound to a different port, or blocked by a firewall rule. For security, many sysadmins move SSH off port 22 (to 2222 or a custom high port) to reduce automated brute-force noise — if your SSH is on a non-standard port, test that port instead. Always pair with key-based authentication and tools like fail2ban; never expose password auth to the public internet.

When SSH is reachable but connections hang, check your server's network path with our traceroute tool and verify responsiveness with ping before opening a support ticket.

Check Port 22 Now

Gaming Server Port Check

Running a Minecraft, Rust, CS:GO, Team Fortress 2, or Battlefield server? Your friends can't join if the game server port isn't open through your router and firewall. Our port scanner includes a Gaming category that checks the most common game-server ports in one click — no manual port entry needed.

25565

Minecraft: Java Edition

Default Minecraft Java server port. The single most-checked gaming port on the internet.

19132

Minecraft: Bedrock

Bedrock uses UDP — a TCP test still confirms whether your router is forwarding the port number.

27015

Source Engine (CS:GO, TF2, HL)

Valve's Source engine games. Used by CS:GO, CS 1.6, Team Fortress 2, Half-Life, Garry's Mod.

28015

Rust RCON Admin

Remote admin console for Rust servers. Do NOT expose to the public internet without strong auth.

7777

Rust / Terraria / UT

Rust (game port), Terraria default, Unreal Tournament, Ark: Survival Evolved.

16567

Battlefield 4

Default BF4 server port. Also commonly used by BF3 private servers.

Closed usually means your router doesn't have port forwarding set up — open your router admin panel (often 192.168.1.1 or 192.168.0.1) and configure a NAT rule forwarding the game port to your server's local IP. Filtered means an upstream firewall (often your ISP) is silently dropping packets — residential ISPs increasingly block inbound ports on consumer plans. Some providers require a business plan or a paid static IP to host game servers.

Open Port Scanner with Gaming Ports

Port Security Best Practices

Open ports are necessary for services to function, but each open port is a potential entry point. Follow these best practices to minimize your attack surface:

Close Unused Ports

Disable services you don't need. Every open port increases your attack surface. Use netstat -tlnp to find listening services.

Use Firewalls

Configure iptables, ufw, or cloud security groups to whitelist only necessary traffic. Default deny all inbound.

Monitor Regularly

Schedule regular port scans of your infrastructure. Unexpected open ports could indicate a compromise or misconfiguration.

Encrypt Everything

Replace unencrypted protocols: use SSH (22) instead of Telnet (23), HTTPS (443) instead of HTTP (80), SFTP instead of FTP (21).

Change Default Ports

Move sensitive services (SSH, databases) off default ports. This reduces automated scanning attacks that target well-known port numbers.

Keep Services Updated

Patch and update all services with open ports. Unpatched services are the primary target for exploits against open ports.

Common Port Connectivity Issues

When your port checkshows a port as closed or you're experiencing connectivity issues, here are the most common causes and how to resolve them:

Port Blocked

A firewall, security group, or ISP is actively blocking the port.

- Check firewall rules (iptables -L)
- Verify cloud security group settings
- Contact ISP if port 25/80 is blocked
- Test with traceroute to find where packets stop

Connection Timeout

The connection attempt times out without any response — typical of filtered ports.

- Firewall is silently dropping packets
- Server is overloaded or unreachable
- Check with ping for basic connectivity
- Verify DNS resolution with DNS lookup

Service Down

The port returns "connection refused" — the host is reachable but no service is listening.

- Check if the service is running
- Verify service config (correct port/bind address)
- Check logs for crash or startup errors
- Restart the service and test with SMTP test for mail

Common port connectivity issues - firewall blocking, connection timeout, and service down with troubleshooting steps — Common port connectivity issues — Firewall blocking, connection timeouts, and service failures are the three main reasons a port check may fail.

Related Network Tools

Port checking works best in combination with other network diagnostic tools. Use these together for comprehensive troubleshooting:

Ping Tool

Test latency, packet loss, and jitter to any host

Traceroute

Trace network path hop-by-hop to diagnose routing

SMTP Test

Test SMTP connectivity with EHLO, STARTTLS, and TLS

DNS Lookup

Check all DNS records for any domain

IP Lookup

Find IP address location, ISP, and ASN details

SSL Checker

Verify SSL certificate on port 443

HTTP Headers

Analyze response headers and security configuration

IP Blacklist Checker

Check if an IP is listed on DNS blacklists

Frequently Asked Questions about Port Checking

What is a port checker?

A port checker is a network tool that tests whether a specific TCP port on a remote host is open and accepting connections. It works by attempting to establish a TCP connection to the target host and port. If the connection succeeds, the port is open; if it fails or times out, the port is closed or filtered. Port checkers are essential for network troubleshooting, firewall verification, and service monitoring.

What does an open port mean?

An open port means a service is actively listening and accepting TCP connections on that port number. For example, port 443 open means an HTTPS web server is running, port 22 open means an SSH server is accessible, and port 3306 open means a MySQL database is accepting connections. Open ports are necessary for services to function but should be limited to only those needed for security.

Is port scanning legal?

Port scanning your own servers and infrastructure is legal and a standard security practice. Scanning third-party systems without authorization may violate computer misuse laws in many jurisdictions. Always ensure you have permission before scanning ports on systems you don't own. Our tool is designed for legitimate network diagnostics — checking your own servers, verifying firewall rules, and troubleshooting connectivity.

Why is my port showing as closed?

A port may show as closed for several reasons: 1) No service is running on that port, 2) A firewall is blocking the connection, 3) The server's security group or ACL doesn't allow traffic on that port, 4) The ISP is blocking the port, 5) The host is behind a NAT without port forwarding configured. Check your firewall rules, verify the service is running, and ensure port forwarding is set up if behind NAT.

What is port 443 used for?

Port 443 is the standard port for HTTPS (HTTP over TLS/SSL) — encrypted web traffic. When you visit any website with 'https://' in the URL, your browser connects to port 443 on the web server. It's one of the most commonly open ports on the internet. If port 443 is closed on a web server, the site won't be accessible via HTTPS. Use our SSL checker tool to verify the certificate on port 443.

What is the difference between a port checker and a port scanner?

A port checker tests a single specific port on a host to see if it's open or closed. A port scanner tests multiple ports at once — often scanning entire ranges or categories of ports. Our tool combines both: the Port Checker tab tests one port at a time with detailed results, while the Port Scanner tab scans up to 30 ports simultaneously with real-time streaming results.

What are the most common TCP ports?

The most common TCP ports include: 80 (HTTP), 443 (HTTPS), 22 (SSH), 21 (FTP), 25 (SMTP), 110 (POP3), 143 (IMAP), 3306 (MySQL), 5432 (PostgreSQL), 3389 (RDP), 8080 (HTTP alternate), 993 (IMAPS), 995 (POP3S), 587 (SMTP submission), and 53 (DNS). These are known as well-known ports and are assigned by IANA.

How do I check if a port is open?

To check if a port is open: 1) Enter the hostname or IP address in our port checker tool, 2) Enter the port number you want to test (e.g., 443 for HTTPS), 3) Click 'Check Port'. The tool will attempt a TCP connection and report whether the port is open (accepting connections) or closed (not responding). You'll also see response time and service name.

Can I scan UDP ports with this tool?

Our port checker currently tests TCP ports only. TCP port checking is reliable because the TCP handshake provides a definitive open/closed result. UDP port scanning is inherently less reliable — UDP is connectionless, so a lack of response doesn't definitively mean the port is closed (the packet may have been dropped). For UDP services, we recommend testing the specific application protocol directly.

How many ports can I scan at once?

Our port scanner allows up to 30 ports per scan. You can select from predefined categories (Web, Email, Database, Remote Access, File Transfer, DNS & Network) or enter custom port numbers. Results stream in real-time as each port is checked, with open ports sorted to the top. The 30-port limit ensures fast results while preventing abuse.