Common ports are standardized network port numbers assigned to well-known protocols and services. In EC2, these ports must be explicitly opened in Security Groups to allow traffic to or from your instance.
In AWS EC2, Security Groups act as virtual firewalls that control traffic to and from instances. To allow a service to be accessible, you must create an inbound rule that opens the corresponding port. Knowing the standard port numbers is essential for configuring Security Groups correctly and troubleshooting connectivity issues.
Port 22 — SSH (Secure Shell). Used to remotely log into Linux/Unix EC2 instances. Should be restricted to your IP only, never 0.0.0.0/0 in production.
Port 3389 — RDP (Remote Desktop Protocol). Used to remotely access Windows EC2 instances via a graphical desktop interface.
Port 80 — HTTP (HyperText Transfer Protocol). Unencrypted web traffic. Standard port for web servers like Apache, Nginx.
Port 443 — HTTPS (HTTP Secure). Encrypted web traffic using TLS/SSL. Required for secure websites and APIs.
Port 8080 — Alternative HTTP port. Commonly used for development web servers, Jenkins, Tomcat, and proxies.
Port 8443 — Alternative HTTPS port. Used by some application servers as a non-privileged HTTPS port.
Port 3306 — MySQL and Amazon Aurora (MySQL-compatible). Should only be open to the app tier security group, never to the internet.
Port 5432 — PostgreSQL and Amazon Aurora (PostgreSQL-compatible).
Port 1521 — Oracle Database.
Port 1433 — Microsoft SQL Server (MSSQL).
Port 27017 — MongoDB. Default port for MongoDB standalone and replica set connections.
Port 6379 — Redis. Default port for Redis in-memory data store and Amazon ElastiCache.
Port 11211 — Memcached. Default port for Memcached caching service and Amazon ElastiCache.
Port 25 — SMTP (Simple Mail Transfer Protocol). Outbound email. AWS blocks port 25 by default on EC2 to prevent spam; use Amazon SES instead.
Port 465 — SMTPS (SMTP over SSL). Encrypted outbound email.
Port 587 — SMTP Submission. Modern port for authenticated email sending with STARTTLS.
Port 110 — POP3 (Post Office Protocol v3). Receiving email.
Port 143 — IMAP (Internet Message Access Protocol). Receiving email with folder support.
Port 993 — IMAPS (IMAP over SSL). Encrypted email retrieval.
Port 21 — FTP (File Transfer Protocol). Unencrypted file transfer. Avoid in production; use SFTP (port 22) instead.
Port 53 — DNS (Domain Name System). Used by AWS Route 53 and internal DNS resolution.
Port 123 — NTP (Network Time Protocol). Time synchronization — EC2 instances sync with AWS's NTP servers.
Port 2181 — Apache ZooKeeper. Coordination service used by Kafka and HBase.
Port 9092 — Apache Kafka. Default broker port for Kafka message streaming.
Port 5601 — Kibana. Web UI for the ELK (Elasticsearch, Logstash, Kibana) stack.
Port 9200 — Elasticsearch / OpenSearch HTTP API.
Ports 2379 / 2380 — etcd (used by Kubernetes for cluster state storage).
Port 6443 — Kubernetes API Server. Used to communicate with a Kubernetes cluster.
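
The guidance above for ports 22 and 3306 (never open to 0.0.0.0/0) can be checked mechanically. The following is an added example, not part of the original page: it audits inbound rules in the shape returned by `aws ec2 describe-security-groups` and reports administrative and database ports reachable from any address. The group IDs and rules are constructed sample data, and the choice of which ports count as sensitive is an assumption.

```python
# Ports from the list above that this example treats as never world-open.
# The page says so for 22 and 3306; extending it to the others is an assumption.
SENSITIVE = {22: "SSH", 3389: "RDP", 3306: "MySQL", 5432: "PostgreSQL",
             1521: "Oracle", 1433: "MSSQL", 27017: "MongoDB",
             6379: "Redis", 11211: "Memcached"}
WORLD = {"0.0.0.0/0", "::/0"}


def world_open_findings(security_groups):
    """Return sorted (group_id, port, service) for sensitive ports open to any address."""
    findings = set()
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            cidrs = {r.get("CidrIp") for r in perm.get("IpRanges", [])}
            cidrs |= {r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])}
            if not cidrs & WORLD:
                continue  # scoped to specific CIDRs or to another security group
            proto = perm.get("IpProtocol")
            if proto == "-1":
                lo, hi = 0, 65535  # "-1" = all protocols, all ports
            elif proto in ("tcp", "udp"):
                lo, hi = perm["FromPort"], perm["ToPort"]
            else:
                continue  # e.g. icmp: no port range to check
            for port, name in SENSITIVE.items():
                if lo <= port <= hi:
                    findings.add((sg["GroupId"], port, name))
    return sorted(findings)


# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}]},
    {"GroupId": "sg-db-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "UserIdGroupPairs": [{"GroupId": "sg-app-example"}]}]},
    {"GroupId": "sg-legacy-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

if __name__ == "__main__":
    for group_id, port, service in world_open_findings(SAMPLE_GROUPS):
        print(f"{group_id}: {service} ({port}) is open to the internet")
```

Note that the wide range 3000-4000 is flagged for both MySQL and RDP even though neither port is named in the rule, and that the IPv6 any-address range `::/0` is treated the same as `0.0.0.0/0`.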